CVE-2022-21594: 
MySQL vulnerability analysis and mitigation

CVE-2022-21594 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server Optimizer component. The vulnerability affects MySQL versions 8.0.30 and prior. This security issue was disclosed as part of Oracle's Critical Patch Update in October 2022 (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (MEDIUM) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The vulnerability requires a high-privileged attacker with network access via multiple protocols to exploit. The attack complexity is considered low, requiring no user interaction (NetApp Advisory).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete denial of service (DoS) of MySQL Server. The vulnerability only affects availability, with no impact on confidentiality or integrity (NVD).

Oracle has released security patches to address this vulnerability in the October 2022 Critical Patch Update. Users are strongly recommended to update to versions newer than MySQL 8.0.30. The vulnerability has been fixed in community MySQL version 8.0.32 for various distributions including Fedora (Fedora Update).