CVE-2021-2172: 
MySQL vulnerability analysis and mitigation

CVE-2021-2172 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: DML component in versions 8.0.23 and prior. This vulnerability was disclosed in April 2021 as part of Oracle's Critical Patch Update. It is an easily exploitable vulnerability that allows low privileged attackers with network access via multiple protocols to compromise MySQL Server (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 6.5 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The scoring indicates that the vulnerability is network-accessible, requires low attack complexity, needs low privileges, requires no user interaction, has unchanged scope, and can impact system availability while having no impact on confidentiality or integrity (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The vulnerability specifically affects the DML (Data Manipulation Language) component of MySQL Server, potentially disrupting database operations (Oracle Advisory, NetApp Advisory).

Oracle has released patches for this vulnerability in MySQL version 8.0.24. Users are strongly recommended to update to this version or later. The fix is available through Oracle's Critical Patch Update from April 2021. Various vendors have also released updated versions incorporating these fixes, including Fedora (community-mysql-8.0.24) and NetApp products (Fedora Update).