CVE-2021-35610
📋 TL;DR
This vulnerability in MySQL Server's optimizer component allows authenticated attackers with network access to cause denial of service (server hangs or crashes) and perform unauthorized data modifications. It affects MySQL Server versions 8.0.26 and earlier, requiring only low-privileged database access.
💻 Affected Systems
- Oracle MySQL Server
📦 What is this software?
Fedora by Fedoraproject
Mysql by Oracle
⚠️ Risk & Real-World Impact
Worst Case
Complete database server outage (DoS) combined with unauthorized data manipulation affecting critical business operations.
Likely Case
Service disruption through repeated crashes and potential data integrity issues from unauthorized modifications.
If Mitigated
Limited impact if proper network segmentation and privilege controls prevent low-privileged users from exploiting the vulnerability.
🎯 Exploit Status
Oracle rates as 'easily exploitable' but requires authenticated access; specific exploit details not publicly documented.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 8.0.27 and later
Vendor Advisory: https://www.oracle.com/security-alerts/cpuoct2021.html
Restart Required: Yes
Instructions:
1. Download MySQL 8.0.27 or later from Oracle.
2. Back up databases.
3. Stop the MySQL service.
4. Install the updated version.
5. Restart the MySQL service.
6. Verify the version with 'SELECT VERSION();'
🔧 Temporary Workarounds
Restrict Database Privileges
Minimize attack surface by limiting CREATE, INSERT, DELETE, and UPDATE privileges to essential users only.
REVOKE CREATE, INSERT, DELETE, UPDATE ON *.* FROM 'lowprivuser'@'%';
FLUSH PRIVILEGES;
Network Access Controls
Restrict MySQL network access to trusted IP addresses only.
# In my.cnf: bind-address = server_ip (selects the local interface MySQL listens on; it is not a client allow-list)
# Firewall rule: iptables -A INPUT -p tcp --dport 3306 -s trusted_ip -j ACCEPT; iptables -A INPUT -p tcp --dport 3306 -j DROP
🧯 If You Can't Patch
- Implement strict network segmentation to isolate MySQL servers from untrusted networks
- Apply principle of least privilege to all database users and regularly audit permissions
🔍 How to Verify
Check if Vulnerable:
Connect to MySQL and run: SELECT VERSION(); If the version is 8.0.26 or earlier, the system is vulnerable.
Check Version:
mysql -u username -p -e 'SELECT VERSION();'
Verify Fix Applied:
After patching, run: SELECT VERSION(); It should show 8.0.27 or later. Test optimizer functionality with complex queries.
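The version check above, as an added example that is not part of the original page: it parses the string returned by SELECT VERSION() (distribution builds append suffixes such as "-0ubuntu0.20.04.3" or "-commercial") and compares the numeric triple against the 8.0.27 fix threshold stated here. The sample version strings are constructed.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Threshold stated on this page: 8.0.26 and earlier are affected, 8.0.27 carries the fix.
FIXED_VERSION = (8, 0, 27)

# Only the leading numeric triple matters; anything after it (build/distro suffix) is ignored.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


class VersionCheck(NamedTuple):
    version: Tuple[int, int, int]  # (major, minor, patch) parsed from the string
    raw: str                       # the original VERSION() output
    vulnerable: bool               # True when version < FIXED_VERSION


def parse_mysql_version(raw: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from a SELECT VERSION() string, or None if unparseable."""
    m = _VERSION_RE.match(raw.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def check_cve_2021_35610(raw: str) -> VersionCheck:
    """Classify a VERSION() string against the 8.0.27 fix threshold given on this page."""
    parsed = parse_mysql_version(raw)
    if parsed is None:
        raise ValueError(f"unrecognised MySQL version string: {raw!r}")
    return VersionCheck(version=parsed, raw=raw, vulnerable=parsed < FIXED_VERSION)


if __name__ == "__main__":
    # Constructed sample outputs, not taken from a real server.
    samples = ["8.0.26", "8.0.26-0ubuntu0.20.04.3", "8.0.27", "8.0.30-commercial"]
    for sample in samples:
        r = check_cve_2021_35610(sample)
        state = "VULNERABLE" if r.vulnerable else "patched"
        print(f"{sample:28} -> {state} (parsed {r.version})")
```

Feed it real output with mysql -u username -p -N -e 'SELECT VERSION();' and pass the resulting string to check_cve_2021_35610.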
📡 Detection & Monitoring
Log Indicators:
- Multiple optimizer-related errors in MySQL error log
- Unexpected server crashes or hangs
- Unusual CREATE/INSERT/DELETE operations from low-privileged users
Network Indicators:
- Multiple failed optimizer-related queries from single source
- Abnormal query patterns targeting optimizer functions
SIEM Query:
source="mysql.log" ("optimizer" AND ("error" OR "crash")) OR ("Access denied" AND ("CREATE" OR "INSERT" OR "DELETE"))
🔗 References
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/
- https://security.netapp.com/advisory/ntap-20211022-0003/
- https://www.oracle.com/security-alerts/cpuoct2021.html