Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
[
{
"target": {
"function": "mysql_test_select",
"file": "sql/sql_prepare.cc"
},
"id": "CVE-2021-2166-05c7814c",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "322128387529780625592402890608648572913",
"length": 1382.0
}
},
{
"target": {
"file": "sql/sql_derived.cc"
},
"id": "CVE-2021-2166-0b79189e",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"line_hashes": [
"8376308921794643741701672030968664939",
"232938431702890569967529964990510805858",
"156935383331326070759284374582573215374",
"319188585465869426447694675742810284314",
"195978959015672643546896046468512073720",
"186914805573621586770799268670423495601",
"184098504852850448733505618452706751503",
"257019084214720884159526716952479552926",
"208522982103125932622770522087140256483",
"161126447642095895822482869837686626840",
"260399343256022085728421119837455812260",
"86974682356935820809437566681831043391",
"323198554721651991414320781385521082385",
"73073261068670371719770287508748727990",
"328274921891070475929777568712471794870",
"134715197553679507358974418074540409098",
"161102368812016543595319424570300176101",
"193581079227660862907858489419856964303",
"9625058991100069502652877227768933890"
],
"threshold": 0.9
}
},
{
"target": {
"file": "sql/sql_base.cc"
},
"id": "CVE-2021-2166-192da221",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"line_hashes": [
"168544384147256645351056743036618817406",
"50451342659074436417376011823148259476",
"186318101579849850461204891639931981521",
"218390225894619315967716500252344584557"
],
"threshold": 0.9
}
},
{
"target": {
"function": "mysql_handle_single_derived",
"file": "sql/sql_derived.cc"
},
"id": "CVE-2021-2166-319b8344",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "94106374924971372826460142161729586423",
"length": 913.0
}
},
{
"target": {
"function": "open_normal_and_derived_tables",
"file": "sql/sql_base.cc"
},
"id": "CVE-2021-2166-362ca9d2",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "294940075262138667602358936354965008942",
"length": 597.0
}
},
{
"target": {
"function": "mysql_test_create_table",
"file": "sql/sql_prepare.cc"
},
"id": "CVE-2021-2166-38cdab29",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "235753819923495502702942664180535283210",
"length": 942.0
}
},
{
"target": {
"function": "fill_schema_table_by_open",
"file": "sql/sql_show.cc"
},
"id": "CVE-2021-2166-7b0b2027",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "41437778563358113259307207121800751509",
"length": 2225.0
}
},
{
"target": {
"function": "mysql_handle_derived",
"file": "sql/sql_derived.cc"
},
"id": "CVE-2021-2166-81fce179",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "101931646880406494030966935605892683304",
"length": 1479.0
}
},
{
"target": {
"function": "mysqld_list_fields",
"file": "sql/sql_show.cc"
},
"id": "CVE-2021-2166-8df0282a",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "146040710720366585580707197404632625234",
"length": 1000.0
}
},
{
"target": {
"function": "mysql_test_do_fields",
"file": "sql/sql_prepare.cc"
},
"id": "CVE-2021-2166-956391da",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "282265357197290812965726598369122592845",
"length": 452.0
}
},
{
"target": {
"file": "sql/sql_class.h"
},
"id": "CVE-2021-2166-9d90e26e",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"line_hashes": [
"25659621010009786125164404455603937145",
"244812572285093701929011865903861410272",
"135505733500033385538611137446985357365",
"329449124570590508714789493975010729205",
"171314629574034887773000597308419181797",
"89764016259477326958381951977404856061",
"334855243505824478683610057194996675696"
],
"threshold": 0.9
}
},
{
"target": {
"file": "sql/sql_show.cc"
},
"id": "CVE-2021-2166-a94f21ff",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"line_hashes": [
"209753238693340880041535547327645207005",
"334070641843918206322074786894599376572",
"316310665983206167860018462332509291806",
"232548721670911873680560609057779397011",
"167208539937498664681683735279208545598",
"199585545327948560623734408763450157132",
"76506685930476968229085867394001919863",
"281172649008171803085776340743584734404"
],
"threshold": 0.9
}
},
{
"target": {
"function": "mysql_test_set_fields",
"file": "sql/sql_prepare.cc"
},
"id": "CVE-2021-2166-f4163153",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"function_hash": "194805658341721684859143128259654138627",
"length": 499.0
}
},
{
"target": {
"file": "sql/sql_prepare.cc"
},
"id": "CVE-2021-2166-f9d6bd0f",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6",
"digest": {
"line_hashes": [
"225110962163697236869617512016214378999",
"271803788401245016054311266015887247976",
"114628426084200241910127751388202670921",
"42628445176351403523529725694633223320",
"101225470818017190287972083985866998692",
"50089665062729635219130237219008110524",
"133595521131707003650803866502738985173",
"223516217828469003607440062498462692971",
"142072693006293248333500908379946308505",
"30545965552448550597052659314849753491",
"88667210771268085064696118079338461125",
"126625423290341858471048495625847257641",
"163916659944676181836255996539400582964",
"62126678808852359200323133039533474712",
"8645302836542464987474811482763832914",
"273608608288985838897703698112404943796"
],
"threshold": 0.9
}
}
]