CVE-2023-21836: 
MySQL vulnerability analysis and mitigation

CVE-2023-21836 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: DML (Data Manipulation Language) component. The vulnerability affects MySQL Server versions 8.0.31 and prior. This security issue was disclosed as part of Oracle's Critical Patch Update in January 2023 (Oracle CPU).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity), with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The scoring indicates that the vulnerability is network-accessible (AV:N), requires low attack complexity (AC:L), high privileges (PR:H), no user interaction (UI:N), has unchanged scope (S:U), and only impacts availability (A:H) with no impact on confidentiality or integrity (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete denial of service (DOS) of MySQL Server. The vulnerability only affects the availability of the system, with no impact on confidentiality or integrity (Oracle CPU).

Oracle has released patches to address this vulnerability in the January 2023 Critical Patch Update. Users are strongly recommended to update to MySQL versions after 8.0.31. The fix is included in MySQL version 8.0.32 (Oracle CPU).