CVE-2024-20996: 
MySQL vulnerability analysis and mitigation

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The scoring indicates that the vulnerability requires network access, has low attack complexity, requires high privileges, needs no user interaction, has unchanged scope, and impacts only availability (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The impact is limited to availability with no direct effects on confidentiality or integrity (Oracle Advisory).

Oracle has released patches to address this vulnerability in the July 2024 Critical Patch Update. Users are strongly recommended to update to the latest version. For MySQL Server versions 8.0.37 and prior, and 8.4.0 and prior, patches are available through the official Oracle update channels (Oracle Advisory).