CVE-2021-35641: 
MySQL vulnerability analysis and mitigation

CVE-2021-35641 is a vulnerability in the MySQL Server Optimizer component that affects MySQL Server versions 5.7.35 and prior, and 8.0.26 and prior. The vulnerability was disclosed in October 2021 as part of Oracle's Critical Patch Update. This security issue affects the core database functionality and requires high privileges to exploit (Oracle CPU).

The vulnerability has been assessed with a CVSS v3.1 base score of 4.9 (MEDIUM), with the following vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. This indicates that the vulnerability is network accessible, requires high privileges to exploit, needs no user interaction, and can impact system availability (NetApp Advisory).

A successful exploitation of this vulnerability could allow an attacker with high privileges to cause a denial of service condition, potentially leading to a hang or frequently repeatable crash of the MySQL Server (NetApp Advisory).

Oracle has released patches to address this vulnerability in their October 2021 Critical Patch Update. Users should upgrade to the latest supported versions of MySQL Server. For MySQL 5.7, upgrade to version 5.7.36 or later, and for MySQL 8.0, upgrade to version 8.0.27 or later (Ubuntu Notice).