CVE-2021-35591: 
MySQL vulnerability analysis and mitigation

CVE-2021-35591 is a security vulnerability affecting MySQL Server (component: Server: DML) versions 8.0.26 and prior. The vulnerability was disclosed in October 2021 as part of Oracle's Critical Patch Update. This is an easily exploitable vulnerability that allows high privileged attackers with network access via multiple protocols to compromise MySQL Server (Oracle CPU).

The vulnerability has a CVSS v3.1 Base Score of 4.9 (Medium) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The scoring indicates that the vulnerability requires network access, has low attack complexity, requires high privileges, needs no user interaction, has unchanged scope, and impacts only availability (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The vulnerability affects availability but does not impact confidentiality or integrity of the system (Oracle CPU).

Oracle released patches for this vulnerability in MySQL version 8.0.27. Users are strongly recommended to update to this version or later. The vulnerability has also been addressed in various distributions including Fedora 33, 34, and 35 through community-mysql-8.0.27-1 updates (Fedora Update).