CVE-2020-2759: 
MySQL vulnerability analysis and mitigation

CVE-2020-2759 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Replication component. The vulnerability affects MySQL versions 8.0.19 and prior. This security flaw was disclosed in April 2020 as part of Oracle's Critical Patch Update (Oracle CPU).

The vulnerability has been assigned a CVSS 3.0 Base Score of 4.9 (Medium severity) with the following vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The vulnerability is easily exploitable and requires high privileged attacker access with network access via multiple protocols to compromise MySQL Server (NVD, Oracle CPU).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete Denial of Service (DoS) of MySQL Server. The vulnerability affects availability but does not impact confidentiality or integrity (NetApp Advisory).

Oracle has released patches to address this vulnerability in MySQL version 8.0.20. Various Linux distributions have also released updated packages: Ubuntu has released mysql-server-8.0 version 8.0.20-0ubuntu0.20.04.1 for Ubuntu 20.04 and similar versions for other releases, Fedora has released community-mysql-8.0.20 for versions 30, 31, and 32 (Ubuntu Notice, Fedora Update).