GO-2024-2826

See a problem?
Please try reporting it to the source first.

Source

https://pkg.go.dev/vuln/GO-2024-2826

Import Source

https://vuln.go.dev/ID/GO-2024-2826.json

JSON Data

https://api.test.osv.dev/v1/vulns/GO-2024-2826

Aliases

Published

2024-05-10T20:07:17Z

Modified

2024-07-09T19:33:56Z

Summary

Denial of service attack by triggering unbounded memory usage in vitess.io/vitess

Details

When executing a query, the vtgate will go into an endless loop that also keeps consuming memory and eventually will OOM. This causes a denial of service.

Database specific

{
    "review_status": "REVIEWED",
    "url": "https://pkg.go.dev/vuln/GO-2024-2826"
}

References

Credits

- @dbussink, @mattrobenolt, and @vmg

Affected packages

Go / vitess.io/vitess

Package

Name: vitess.io/vitess; View open source insights on deps.dev
Purl: pkg:golang/vitess.io/vitess

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.17.7

Introduced

0.18.0

Fixed

0.18.5

Introduced

0.19.0

Fixed

0.19.4

Ecosystem specific

{
    "custom_ranges": [
        {
            "events": [
                {
                    "introduced": "0"
                },
                {
                    "fixed": "17.0.7"
                },
                {
                    "introduced": "18.0.0"
                },
                {
                    "fixed": "18.0.5"
                },
                {
                    "introduced": "19.0.0"
                },
                {
                    "fixed": "19.0.4"
                }
            ],
            "type": "ECOSYSTEM"
        }
    ],
    "imports": [
        {
            "path": "vitess.io/vitess/go/mysql/collations/charset",
            "symbols": [
                "Convert",
                "ConvertFromBinary",
                "ConvertFromUTF8",
                "Validate",
                "convertSlow"
            ]
        },
        {
            "path": "vitess.io/vitess/go/mysql/collations/charset/unicode",
            "symbols": [
                "Charset_ucs2.DecodeRune",
                "Charset_utf16be.DecodeRune",
                "Charset_utf16be.EncodeRune",
                "Charset_utf32.EncodeRune"
            ]
        },
        {
            "path": "vitess.io/vitess/go/vt/vtgate/evalengine",
            "symbols": [
                "Add",
                "AggregateEvalTypes",
                "CoerceTo",
                "CoerceTypes",
                "Column.Format",
                "Column.FormatFast",
                "Comparison.ApplyTinyWeights",
                "Comparison.Compare",
                "Comparison.Less",
                "Comparison.More",
                "Comparison.Sort",
                "Comparison.SortResult",
                "CompiledExpr.Format",
                "CompiledExpr.FormatFast",
                "Divide",
                "EvalResult.MustBoolean",
                "EvalResult.String",
                "EvalResult.ToBoolean",
                "EvalResult.ToBooleanStrict",
                "EvalResult.TupleValues",
                "EvalResult.Value",
                "ExpressionEnv.Evaluate",
                "ExpressionEnv.EvaluateVM",
                "FieldResolver.Column",
                "IntroducerExpr.eval",
                "Literal.Format",
                "Literal.FormatFast",
                "Merger.Init",
                "Merger.Pop",
                "Merger.Push",
                "Multiply",
                "NewLiteralBinaryFromBit",
                "NewLiteralDateFromBytes",
                "NewLiteralDatetimeFromBytes",
                "NewLiteralDecimalFromBytes",
                "NewLiteralFloatFromBytes",
                "NewLiteralIntegralFromBytes",
                "NewLiteralTimeFromBytes",
                "NullSafeAdd",
                "NullsafeCompare",
                "NullsafeHashcode",
                "NullsafeHashcode128",
                "OrderByParams.Compare",
                "OrderByParams.String",
                "Sorter.Push",
                "Sorter.Sorted",
                "Subtract",
                "Translate",
                "TupleBindVariable.Format",
                "TupleBindVariable.FormatFast",
                "TupleExpr.Format",
                "TupleExpr.FormatFast",
                "UnsupportedCollationError.Error",
                "UntypedExpr.Compile",
                "UntypedExpr.Format",
                "UntypedExpr.FormatFast",
                "WeightString",
                "aggregationDecimal.Add",
                "aggregationDecimal.Max",
                "aggregationDecimal.Min",
                "aggregationFloat.Add",
                "aggregationFloat.Max",
                "aggregationFloat.Min",
                "aggregationInt.Add",
                "aggregationInt.Max",
                "aggregationInt.Min",
                "aggregationMinMax.Max",
                "aggregationMinMax.Min",
                "aggregationSumAny.Add",
                "aggregationSumCount.Add",
                "aggregationUint.Add",
                "aggregationUint.Max",
                "aggregationUint.Min",
                "argError.Error",
                "assembler.Fn_JSON_KEYS",
                "assembler.Fn_REGEXP_REPLACE_slow",
                "assembler.PushLiteral",
                "astCompiler.translateIntroducerExpr",
                "errJSONType.Error",
                "evalBytes.Hash"
            ]
        }
    ]
}