Vulnerability Report: GO-2024-2826
- CVE-2024-32886, GHSA-649x-hxfx-57j2
- Affects: vitess.io/vitess
- Published: May 10, 2024
- Modified: May 20, 2024
When executing a query, the vtgate will go into an endless loop that also keeps consuming memory and eventually will OOM. This causes a denial of service.
For detailed information about this vulnerability, visit https://github.com/vitessio/vitess/security/advisories/GHSA-649x-hxfx-57j2.
Affected Packages
-
PathVersionsSymbols
-
before v0.17.7, from v0.18.0 before v0.18.5, from v0.19.0 before v0.19.4
-
before v0.17.7, from v0.18.0 before v0.18.5, from v0.19.0 before v0.19.4
-
before v0.17.7, from v0.18.0 before v0.18.5, from v0.19.0 before v0.19.4
56 affected symbols
- Add
- AggregateEvalTypes
- CoerceTo
- CoerceTypes
- Column.Format
- Column.FormatFast
- Comparison.ApplyTinyWeights
- Comparison.Compare
- Comparison.Less
- Comparison.More
- Comparison.Sort
- Comparison.SortResult
- CompiledExpr.Format
- CompiledExpr.FormatFast
- Divide
- EvalResult.MustBoolean
- EvalResult.String
- EvalResult.ToBoolean
- EvalResult.ToBooleanStrict
- EvalResult.TupleValues
- EvalResult.Value
- ExpressionEnv.Evaluate
- ExpressionEnv.EvaluateVM
- FieldResolver.Column
- Literal.Format
- Literal.FormatFast
- Merger.Init
- Merger.Pop
- Merger.Push
- Multiply
- NewLiteralBinaryFromBit
- NewLiteralDateFromBytes
- NewLiteralDatetimeFromBytes
- NewLiteralDecimalFromBytes
- NewLiteralFloatFromBytes
- NewLiteralIntegralFromBytes
- NewLiteralTimeFromBytes
- NullSafeAdd
- NullsafeCompare
- NullsafeHashcode
- NullsafeHashcode128
- OrderByParams.Compare
- OrderByParams.String
- Sorter.Push
- Sorter.Sorted
- Subtract
- Translate
- TupleBindVariable.Format
- TupleBindVariable.FormatFast
- TupleExpr.Format
- TupleExpr.FormatFast
- UnsupportedCollationError.Error
- UntypedExpr.Compile
- UntypedExpr.Format
- UntypedExpr.FormatFast
- WeightString
Aliases
References
- https://github.com/vitessio/vitess/security/advisories/GHSA-649x-hxfx-57j2
- https://github.com/vitessio/vitess/commit/2fd5ba1dbf6e9b32fdfdaf869d130066b1b5c0df
- https://github.com/vitessio/vitess/commit/9df4b66550e46b5d7079e21ed0e1b0f49f92b055
- https://github.com/vitessio/vitess/commit/c46dc5b6a4329a10589ca928392218d96031ac8d
- https://github.com/vitessio/vitess/commit/d438adf7e34a6cf00fe441db80842ec669a99202
- https://github.com/vitessio/vitess/blob/8f6cfaaa643a08dc111395a75a2d250ee746cfa8/go/mysql/collations/charset/convert.go#L73-L79
- https://github.com/vitessio/vitess/blob/8f6cfaaa643a08dc111395a75a2d250ee746cfa8/go/mysql/collations/charset/unicode/utf16.go#L69-L71
- https://vuln.go.dev/ID/GO-2024-2826.json
Credits
- @dbussink, @mattrobenolt, and @vmg
Feedback
See anything missing or incorrect?
Suggest an edit to this report.