Login Sign Up

CVE-2024-21134

4.3 MEDIUM
Denial of Service

📋 TL;DR

This vulnerability in Oracle MySQL Server allows low-privileged attackers with network access to cause a partial denial of service (DoS) by disrupting connection handling. It affects MySQL Server versions 8.0.37 and earlier, and 8.4.0 and earlier. Attackers can degrade server availability without requiring authentication bypass or data access.

💻 Affected Systems

Products:
  • Oracle MySQL Server
Versions: 8.0.37 and earlier, 8.4.0 and earlier
Operating Systems: All platforms running affected MySQL versions
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the Server: Connection Handling component. Requires low-privileged network access via multiple protocols.

📦 What is this software?

Mysql by Oracle

View all CVEs affecting Mysql →

Mysql by Oracle

View all CVEs affecting Mysql →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could repeatedly exploit this to degrade MySQL server performance, causing intermittent service disruptions that affect dependent applications.

🟠

Likely Case

Low-privileged users or compromised accounts could cause temporary connection handling issues, leading to sporadic timeouts or connection failures for legitimate users.

🟢

If Mitigated

With proper network segmentation and least privilege access, impact would be limited to isolated segments with minimal service disruption.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

CVSS indicates 'easily exploitable' with low attack complexity. Requires low-privileged access but not authentication bypass.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to MySQL 8.0.38 or 8.4.1 or later

Vendor Advisory: https://www.oracle.com/security-alerts/cpujul2024.html

Restart Required: Yes

Instructions:

1. Download latest MySQL version from Oracle. 2. Backup databases. 3. Stop MySQL service. 4. Install updated version. 5. Restart MySQL service. 6. Verify version and functionality.

🔧 Temporary Workarounds

Restrict network access

all

Limit MySQL server access to trusted IPs only

# In MySQL my.cnf: bind-address = trusted_ip
# Use firewall: iptables -A INPUT -p tcp --dport 3306 -s trusted_ip -j ACCEPT

Minimize user privileges

all

Review and reduce privileges for all MySQL users to minimum required

REVOKE ALL PRIVILEGES ON *.* FROM 'user'@'host';
GRANT SELECT, INSERT ON database.* TO 'user'@'host';

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate MySQL servers from untrusted networks
  • Deploy rate limiting or connection throttling at network perimeter to limit DoS impact

🔍 How to Verify

Check if Vulnerable:

Check MySQL version: SELECT VERSION(); If version is 8.0.37 or earlier, or 8.4.0 or earlier, system is vulnerable.

Check Version:

mysql -u root -p -e 'SELECT VERSION();'

Verify Fix Applied:

After patching, run SELECT VERSION(); and confirm version is 8.0.38+ or 8.4.1+. Test connection handling under load.

📡 Detection & Monitoring

Log Indicators:

  • Unusual connection failures or timeouts in MySQL error logs
  • Multiple connection attempts from single low-privileged accounts

Network Indicators:

  • Abnormal TCP connection patterns to MySQL port 3306
  • Increased connection establishment/reset packets

SIEM Query:

source="mysql.log" ("connection failed" OR "timeout") | stats count by src_ip

📊 Metadata

CVE ID: CVE-2024-21134
CVSS v3 Score: 4.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Published: July 16, 2024
Last Updated: November 4, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON