CVE-2022-21608: 
MySQL vulnerability analysis and mitigation

CVE-2022-21608 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Optimizer component. The vulnerability affects MySQL versions 5.7.39 and prior, and 8.0.30 and prior. This easily exploitable vulnerability allows high privileged attackers with network access via multiple protocols to compromise MySQL Server (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity) with the vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The scoring indicates that the vulnerability requires network access, has low attack complexity, requires high privileges, needs no user interaction, has unchanged scope, and only impacts availability (NetApp Advisory).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The vulnerability specifically affects the availability of the system while maintaining confidentiality and integrity (Oracle Advisory).

Oracle has released patches to address this vulnerability in their October 2022 Critical Patch Update. Users should upgrade to MySQL versions after 5.7.39 for the 5.7 series or after 8.0.30 for the 8.0 series. Ubuntu users can update to MySQL 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, or MySQL 5.7.40 in Ubuntu 18.04 LTS (Ubuntu Notice).