CVE-2023-22053: 
MySQL vulnerability analysis and mitigation

CVE-2023-22053 is a vulnerability affecting MySQL Server versions 5.7.42 and prior, and 8.0.33 and prior. This vulnerability was disclosed in July 2023 as part of Oracle's Critical Patch Update. It is characterized as a difficult to exploit vulnerability that allows low privileged attackers with network access via multiple protocols to compromise MySQL Server (Oracle CPU).

The vulnerability has been assigned a CVSS v3.1 base score of 5.9 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H. The scoring indicates that the vulnerability requires network access, has high attack complexity, needs low privileges, requires no user interaction, has unchanged scope, with low confidentiality impact and high availability impact (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data (Oracle CPU, NetApp Advisory).

Oracle has released patches for affected versions in their July 2023 Critical Patch Update. Users should upgrade to MySQL Server versions after 5.7.42 for the 5.7 series or after 8.0.33 for the 8.0 series. Various vendors have also released their own security updates, including Red Hat and Fedora (Fedora Update).