CVE-2023-21867: 
MySQL vulnerability analysis and mitigation

CVE-2023-21867 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server Optimizer component. The vulnerability affects MySQL Server versions 8.0.31 and prior. This security issue was disclosed as part of Oracle's January 2023 Critical Patch Update (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity), with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The vulnerability requires a high-privileged attacker with network access via multiple protocols to exploit (NVD).

A successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete Denial of Service (DoS) of MySQL Server (NVD).

Oracle has released security patches to address this vulnerability. Users should upgrade MySQL Server to versions after 8.0.31. For Ubuntu users, the vulnerability has been fixed in MySQL 8.0.32 for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10, while Ubuntu 18.04 LTS has been updated to MySQL 5.7.41 (Broadcom Advisory).