CVE-2021-2340: 
MySQL vulnerability analysis and mitigation

CVE-2021-2340 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Memcached component. The vulnerability affects MySQL Server versions 8.0.25 and prior. It is an easily exploitable vulnerability that allows high privileged attackers with network access via multiple protocols to compromise MySQL Server (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 2.7 (Low) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L. The scoring indicates that the vulnerability requires network access (AV:N), has low attack complexity (AC:L), requires high privileges (PR:H), needs no user interaction (UI:N), has unchanged scope (S:U), and impacts only availability (A:L) with no impact on confidentiality or integrity (NetApp Advisory).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. The impact is limited to availability with no effect on confidentiality or integrity of the system (Oracle Advisory).

Oracle has released patches to address this vulnerability in their July 2021 Critical Patch Update. Users should upgrade to the latest version of MySQL Server. For Fedora users, the fix is available in community-mysql version 8.0.26-1 (Fedora Update).