CVE-2024-57654 – A vulnerability in the qst_vec_get

Q: What is the severity of CVE-2024-57654?

CVE-2024-57654 has a CVSS score of 7.5 (HIGH). A vulnerability in the qst_vec_get_int64 component of OpenLink Virtuoso Open-Source allows attackers to cause Denial of Service (DoS) through specially crafted SQL statements. This affects systems running vulnerable versions of Virtuoso, potentially disrupting database availability for applications relying on this software.

📋 TL;DR

A vulnerability in the qst_vec_get_int64 component of OpenLink Virtuoso Open-Source allows attackers to cause Denial of Service (DoS) through specially crafted SQL statements. This affects systems running vulnerable versions of Virtuoso, potentially disrupting database availability for applications relying on this software.

💻 Affected Systems

Products:

OpenLink Virtuoso Open-Source

Versions: v7.2.11 (specific version mentioned, but earlier versions may also be affected)

Operating Systems: All platforms running Virtuoso

Default Config Vulnerable: ⚠️ Yes

Notes: Any Virtuoso installation accepting SQL queries is potentially vulnerable. The vulnerability is in a core SQL processing component.

📦 What is this software?

Virtuoso by Openlinksw

View all CVEs affecting Virtuoso →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database service disruption, making applications unavailable until service restart or recovery procedures are completed.

🟠

Likely Case

Temporary service interruption requiring manual intervention to restart the Virtuoso service, causing application downtime.

🟢

If Mitigated

Minimal impact with proper input validation and monitoring in place to detect and block malicious SQL patterns.

🌐 Internet-Facing: MEDIUM - Internet-facing Virtuoso instances accepting SQL queries are vulnerable if exposed without proper input filtering.

🏢 Internal Only: MEDIUM - Internal applications could still be exploited by authenticated users or through application-layer attacks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires ability to execute SQL statements against the Virtuoso instance. This could be through direct database access or via vulnerable application endpoints.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check GitHub issue for latest patched version

Vendor Advisory: https://github.com/openlink/virtuoso-opensource/issues/1205

Restart Required: Yes

Instructions:

1. Monitor the GitHub issue for official patch release. 2. Upgrade to the patched version when available. 3. Restart Virtuoso service after upgrade.

🔧 Temporary Workarounds

Input Validation Filtering

all

Implement application-layer input validation to filter or reject suspicious SQL patterns before they reach Virtuoso.

Network Segmentation

all

Restrict database access to only trusted application servers and administrators.

🧯 If You Can't Patch

Implement strict SQL input validation in all applications connecting to Virtuoso
Deploy network-level protections (WAF, IPS) to detect and block malicious SQL patterns

🔍 How to Verify

Check if Vulnerable:

Check Virtuoso version: SELECT sys_stat('st_dbms_ver'); If version is v7.2.11 or potentially earlier versions, assume vulnerable.

Check Version:

SELECT sys_stat('st_dbms_ver');

Verify Fix Applied:

After patching, verify version is updated and monitor for service stability during SQL processing.

📡 Detection & Monitoring

Log Indicators:

Unusual SQL query patterns
Service crashes or restarts
Error logs containing qst_vec_get_int64 references

Network Indicators:

Multiple failed SQL queries from single sources
Unusual SQL syntax patterns in database traffic

SIEM Query:

source="virtuoso.log" AND ("crash" OR "segfault" OR "qst_vec_get_int64")

📊 Metadata

CVE ID: CVE-2024-57654

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-404

EPSS Score: 0.32% exploit probability (54.6th percentile)

Published: January 14, 2025

Last Updated: April 17, 2025

🔗 References

https://github.com/openlink/virtuoso-opensource/issues/1205 Exploit,Issue Tracking,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-57654, you might also want to check these: