CVE-2023-21873: 
MySQL vulnerability analysis and mitigation

CVE-2023-21873 is a vulnerability in the MySQL Server product of Oracle MySQL, specifically affecting the Server: Optimizer component. The vulnerability affects MySQL Server versions 8.0.31 and prior. This security flaw was disclosed on January 18, 2023, as part of Oracle's Critical Patch Update (Oracle CPU, Ubuntu Security).

The vulnerability is characterized as an easily exploitable flaw that allows high-privileged attackers with network access to compromise MySQL Server through multiple protocols. The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity), with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (Ubuntu Security).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete denial of service (DoS) of MySQL Server. The vulnerability affects only availability, with no impact on confidentiality or integrity (Ubuntu Security).

The vulnerability has been fixed in MySQL version 8.0.32. Users are advised to upgrade to this version or later. For Ubuntu systems, fixed versions include 8.0.32-0ubuntu2 for various Ubuntu releases including 24.10, 24.04 LTS, 23.10, and 23.04. Ubuntu 22.04 LTS users should upgrade to 8.0.32-0buntu0.22.04.1, while Ubuntu 20.04 LTS users should upgrade to 8.0.32-0buntu0.20.04.1 (Ubuntu Security).