CVE-2022-21423: 
MySQL vulnerability analysis and mitigation

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB) affecting versions 8.0.28 and prior. This is tracked as CVE-2022-21423, which was discovered and allocated on November 15, 2021. The vulnerability affects the MySQL Server through multiple protocols (MITRE, ORACLE).

The vulnerability has been assigned a CVSS 3.1 Base Score of 2.7 (Low severity), primarily impacting availability. The CVSS Vector is (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L), indicating that it requires network access and high privileges to exploit, but requires no user interaction. The vulnerability specifically affects the InnoDB component of MySQL Server (NETAPP).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. The impact is limited to availability, with no direct impact on confidentiality or integrity of the system (ORACLE).

Oracle has released patches to address this vulnerability in the April 2022 Critical Patch Update. Users are advised to update to versions newer than MySQL 8.0.28. For Ubuntu users, MySQL has been updated to version 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS (UBUNTU).