CVE-2024-32886

Vitess is a database clustering system for horizontal scaling of MySQL. When executing the following simple query, the vtgate will go into an endless loop that also keeps consuming memory and eventually will run out of memory. This vulnerability is fixed in 19.0.4, 18.0.5, and 17.0.7.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References

• https://github.com/vitessio/vitess/blob/8f6cfaaa643a08dc111395a75a2d250ee746cfa8/go/mysql/collations/charset/convert.go#L73-L79
• https://github.com/vitessio/vitess/blob/8f6cfaaa643a08dc111395a75a2d250ee746cfa8/go/mysql/collations/charset/unicode/utf16.go#L69-L71
• https://github.com/vitessio/vitess/commit/2fd5ba1dbf6e9b32fdfdaf869d130066b1b5c0df
• https://github.com/vitessio/vitess/commit/9df4b66550e46b5d7079e21ed0e1b0f49f92b055
• https://github.com/vitessio/vitess/commit/c46dc5b6a4329a10589ca928392218d96031ac8d
• https://github.com/vitessio/vitess/commit/d438adf7e34a6cf00fe441db80842ec669a99202
• https://github.com/vitessio/vitess/security/advisories/GHSA-649x-hxfx-57j2
• https://github.com/vitessio/vitess/blob/8f6cfaaa643a08dc111395a75a2d250ee746cfa8/go/mysql/collations/charset/convert.go#L73-L79
• https://github.com/vitessio/vitess/blob/8f6cfaaa643a08dc111395a75a2d250ee746cfa8/go/mysql/collations/charset/unicode/utf16.go#L69-L71
• https://github.com/vitessio/vitess/commit/2fd5ba1dbf6e9b32fdfdaf869d130066b1b5c0df
• https://github.com/vitessio/vitess/commit/9df4b66550e46b5d7079e21ed0e1b0f49f92b055
• https://github.com/vitessio/vitess/commit/c46dc5b6a4329a10589ca928392218d96031ac8d
• https://github.com/vitessio/vitess/commit/d438adf7e34a6cf00fe441db80842ec669a99202
• https://github.com/vitessio/vitess/security/advisories/GHSA-649x-hxfx-57j2