CVE-2024-57663 – A vulnerability in the sqlg_place

Q: What is the severity of CVE-2024-57663?

CVE-2024-57663 has a CVSS score of 7.5 (HIGH). A vulnerability in the sqlg_place_dpipes component of OpenLink Virtuoso OpenSource allows attackers to cause Denial of Service (DoS) through specially crafted SQL statements. This affects systems running vulnerable versions of the database software, potentially disrupting database availability and dependent applications.

📋 TL;DR

A vulnerability in the sqlg_place_dpipes component of OpenLink Virtuoso OpenSource allows attackers to cause Denial of Service (DoS) through specially crafted SQL statements. This affects systems running vulnerable versions of the database software, potentially disrupting database availability and dependent applications.

💻 Affected Systems

Products:

OpenLink Virtuoso OpenSource

Versions: v7.2.11 (specific version mentioned; check for other potentially affected versions)

Operating Systems: All platforms running Virtuoso

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the sqlg_place_dpipes component specifically; any system using Virtuoso with SQL query processing is vulnerable.

📦 What is this software?

Virtuoso by Openlinksw

View all CVEs affecting Virtuoso →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database service disruption leading to application downtime, data unavailability, and potential cascading failures in dependent systems.

🟠

Likely Case

Database service crashes or becomes unresponsive, requiring manual restart and causing temporary service disruption.

🟢

If Mitigated

Limited impact with proper network segmentation, query filtering, and monitoring allowing quick detection and response.

🌐 Internet-Facing: HIGH - Internet-facing databases are directly exposed to crafted SQL injection attempts from external attackers.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this, but requires database access.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires ability to execute SQL statements against the database; likely requires some level of database access or SQL injection vector.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check GitHub issue for fix version; likely v7.2.12 or later

Vendor Advisory: https://github.com/openlink/virtuoso-opensource/issues/1218

Restart Required: No

Instructions:

1. Check the GitHub issue for official patch. 2. Update Virtuoso to the patched version. 3. Test database functionality after update.

🔧 Temporary Workarounds

SQL Query Filtering

all

Implement input validation and filtering for SQL statements to block crafted queries targeting the vulnerable component.

Network Access Restrictions

all

Restrict database access to only trusted applications and users, minimizing attack surface.

🧯 If You Can't Patch

Implement strict network segmentation to isolate database from untrusted networks
Deploy Web Application Firewall (WAF) or database firewall to filter malicious SQL patterns

🔍 How to Verify

Check if Vulnerable:

Check Virtuoso version: if running v7.2.11, assume vulnerable. Review GitHub issue for confirmation.

Check Version:

SELECT sys_stat('st_dbms_version');

Verify Fix Applied:

Update to patched version and verify version number; test with normal SQL operations to ensure stability.

📡 Detection & Monitoring

Log Indicators:

Database crash logs
Unusual SQL query patterns
High CPU/memory usage spikes before crash

Network Indicators:

Multiple failed SQL queries from single source
Abnormal database connection patterns

SIEM Query:

source="virtuoso.log" AND ("crash" OR "segfault" OR "abnormal termination")

📊 Metadata

CVE ID: CVE-2024-57663

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-770

EPSS Score: 0.08% exploit probability (22.5th percentile)

Published: January 14, 2025

Last Updated: April 17, 2025

🔗 References

https://github.com/openlink/virtuoso-opensource/issues/1218 Exploit,Issue Tracking

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-57663, you might also want to check these: