CVE-2024-57662

7.5 HIGH

📋 TL;DR

This vulnerability in the sqlg_hash_source component of OpenLink Virtuoso OpenSource allows attackers to cause Denial of Service (DoS) by sending specially crafted SQL statements. It affects Virtuoso OpenSource v7.2.11 installations that process untrusted SQL input. Database administrators and applications using vulnerable Virtuoso instances are at risk.

💻 Affected Systems

Products:
  • OpenLink Virtuoso OpenSource
Versions: v7.2.11
Operating Systems: All platforms running Virtuoso OpenSource
Default Config Vulnerable: ⚠️ Yes
Notes: Any Virtuoso installation accepting SQL queries is vulnerable. The vulnerability is in the core sqlg_hash_source component.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database service disruption, making all database operations unavailable until service restart
🟠 Likely Case: Partial service degradation or temporary unavailability affecting dependent applications
🟢 If Mitigated: Minimal impact with proper input validation and query filtering in place

🌐 Internet-Facing: HIGH - Internet-facing Virtuoso instances accepting SQL from untrusted sources are highly vulnerable to DoS attacks
🏢 Internal Only: MEDIUM - Internal instances still vulnerable to malicious insiders or compromised internal systems

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the ability to execute SQL statements. No public exploit code is available, but the vulnerability is well documented in the GitHub issue.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v7.2.12 or later

Vendor Advisory: https://github.com/openlink/virtuoso-opensource/issues/1217

Restart Required: No

Instructions:

1. Check the current version with 'isql -v'
2. Download the latest version from GitHub releases
3. Follow the upgrade instructions in the Virtuoso documentation
4. Verify the upgrade with a version check

🔧 Temporary Workarounds

Input Validation and Query Filtering (Platforms: all)

Implement strict input validation and filtering for SQL statements before they reach the database

Rate Limiting and Query Monitoring (Platforms: all)

Implement rate limiting on database connections and monitor for unusual query patterns

🧯 If You Can't Patch

  • Implement strict network segmentation and firewall rules to limit database access
  • Deploy web application firewall (WAF) or database firewall to filter malicious SQL patterns

🔍 How to Verify

Check if Vulnerable:

Check Virtuoso version with command: isql -v | grep 'Version'

Check Version:

isql -v | grep 'Version'

Verify Fix Applied:

Verify that the version is v7.2.12 or later and test with normal SQL operations
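The version check above can be scripted so that it fails closed when no version number can be read. The following is an added example, not code from this advisory or from OpenLink; the exact layout of 'isql -v' output is an assumption, and the only thing relied on is a line containing the word "Version" followed by an x.y.z number. The sample output string is constructed for illustration.

```python
import re
import subprocess

# Minimum fixed release named in the advisory.
FIXED_VERSION = (7, 2, 12)

# Constructed sample of version output (assumed layout, not real isql output).
SAMPLE_OUTPUT = (
    "OpenLink Virtuoso Interactive SQL (Virtuoso)\n"
    "Version 7.2.11 as of Jan 1 2024\n"
)

VERSION_RE = re.compile(r"\bVersion\b[^\d]*(\d+)\.(\d+)\.(\d+)")


def parse_version(output: str):
    """Return the first x.y.z version found after the word 'Version', or None."""
    m = VERSION_RE.search(output)
    if not m:
        return None
    return tuple(int(g) for g in m.groups())


def is_vulnerable(output: str) -> bool:
    """True when the reported version is below the fixed release.

    An unparseable version is treated as vulnerable so the check fails closed
    rather than silently reporting a host as patched.
    """
    version = parse_version(output)
    return version is None or version < FIXED_VERSION


def check_installed() -> bool:
    """Run the version command from the advisory on this host (hypothetical helper)."""
    out = subprocess.run(["isql", "-v"], capture_output=True, text=True, check=False)
    return is_vulnerable(out.stdout + out.stderr)


if __name__ == "__main__":
    status = "VULNERABLE" if is_vulnerable(SAMPLE_OUTPUT) else "patched"
    print(f"sample output parses as {parse_version(SAMPLE_OUTPUT)}: {status}")
```

Tuple comparison handles the ordering correctly (7.2.12 and 7.3.0 both count as fixed, 7.2.11 does not), and any host whose output cannot be parsed is reported as vulnerable so it gets a manual look.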

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL query patterns
  • Multiple failed query attempts
  • Database service restart events
  • High CPU/memory usage spikes

Network Indicators:

  • Unusual volume of SQL traffic from single source
  • Repeated connection attempts with SQL payloads

SIEM Query:

source="virtuoso.log" AND ("sqlg_hash_source" OR "service restart" OR "out of memory")
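The log and network indicators above can be combined into a small triage routine. The following is an added example, not code from this advisory or from OpenLink: it applies the three indicator strings from the SIEM query to a set of constructed log lines and adds a per-source connection-burst check for the "unusual volume of SQL traffic from single source" network indicator. The "<timestamp> <level> <source-ip> <message>" line layout is an assumption; real Virtuoso log formatting will differ and the regex would need adjusting.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Indicator strings taken from the SIEM query in this advisory.
LOG_INDICATORS = ("sqlg_hash_source", "service restart", "out of memory")

# Constructed sample log lines (not real Virtuoso output); assumed layout.
SAMPLE_LOG = """\
2024-06-01T10:00:01 INFO 10.0.0.5 SQL connection opened
2024-06-01T10:00:02 INFO 10.0.0.5 query completed in 12 ms
2024-06-01T10:00:03 ERROR 203.0.113.9 sqlg_hash_source: unexpected operand in hash join
2024-06-01T10:00:03 INFO 203.0.113.9 SQL connection opened
2024-06-01T10:00:04 INFO 203.0.113.9 SQL connection opened
2024-06-01T10:00:04 INFO 203.0.113.9 SQL connection opened
2024-06-01T10:00:05 INFO 203.0.113.9 SQL connection opened
2024-06-01T10:00:05 INFO 203.0.113.9 SQL connection opened
2024-06-01T10:00:06 ERROR 203.0.113.9 out of memory while executing statement
2024-06-01T10:00:07 WARN 127.0.0.1 service restart requested by watchdog
"""

LINE_RE = re.compile(r"^(\S+) (\w+) (\S+) (.*)$")


def parse_line(line):
    """Split one line into timestamp, level, source and message; None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, level, src, msg = m.groups()
    return {"ts": datetime.fromisoformat(ts), "level": level, "src": src, "msg": msg}


def find_indicator_hits(log_text):
    """(source, indicator) pairs for lines matching any advisory indicator, case-insensitively."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        msg = rec["msg"].lower()
        for indicator in LOG_INDICATORS:
            if indicator in msg:
                hits.append((rec["src"], indicator))
                break
    return hits


def find_connection_bursts(log_text, threshold=5, window_seconds=10):
    """Sources that opened at least `threshold` connections within any window of `window_seconds`."""
    opens = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and "connection opened" in rec["msg"]:
            opens[rec["src"]].append(rec["ts"])
    flagged = {}
    for src, times in opens.items():
        times.sort()
        start = 0
        for end in range(len(times)):          # sliding window over sorted timestamps
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[src] = max(flagged.get(src, 0), count)
    return flagged


def triage(log_text):
    """Sources to look at first: those with both an indicator hit and a connection burst rank highest."""
    hits_by_src = Counter(src for src, _ in find_indicator_hits(log_text))
    bursts = find_connection_bursts(log_text)
    candidates = set(hits_by_src) | set(bursts)
    return sorted(
        candidates,
        key=lambda s: (s in hits_by_src and s in bursts, hits_by_src[s] + bursts.get(s, 0)),
        reverse=True,
    )


if __name__ == "__main__":
    for src in triage(SAMPLE_LOG):
        print(src)
```

The sample data deliberately contains a watchdog-triggered "service restart" line from localhost alongside the indicator-plus-burst pattern from a single remote source, so the ranking shows why matching indicators alone is noisy and why correlating them with per-source connection volume is what separates a likely DoS attempt from routine operational events.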
