MySQL, Denial of Service (DoS), CVE-2025-21529 (Medium)

How CVE-2025-21529 Works

This vulnerability affects MySQL Server’s Information Schema component in versions 8.0.40 and prior, 8.4.3 and prior, and 9.1.0 and prior. A high-privileged attacker with network access can exploit it via multiple protocols to trigger a complete denial of service (DoS) by causing the server to hang or crash repeatedly. The flaw stems from improper handling of specially crafted queries to the Information Schema, leading to resource exhaustion or memory corruption. The CVSS 3.1 score of 4.9 reflects its medium severity due to the high privileges required (PR:H) and impact limited to availability (A:H).

DailyCVE Form

Platform: MySQL
Version: 8.0.40, 8.4.3, 9.1.0
Vulnerability: DoS
Severity: Medium
Date: 04/08/2025

What Undercode Say:

Exploitation Analysis

1. Exploit Trigger: Malicious queries targeting `INFORMATION_SCHEMA` tables.

2. Privilege Requirement: Attacker must have high privileges (e.g., `SUPER` or `SYSTEM_USER`).

3. Payload Example:

SELECT * FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_NAME LIKE '%malicious_pattern%'
PROCEDURE ANALYSE();

Note: `PROCEDURE ANALYSE()` was removed in MySQL 8.0, so the affected versions reject this statement as written with a syntax error.

4. Network Vector: Exploitable over MySQL protocols (TCP/3306).

Protection Measures

1. Patch: Upgrade to MySQL versions beyond 8.0.40, 8.4.3, or 9.1.0.

2. Privilege Restriction: Limit `SUPER` and `SYSTEM_USER` privileges.

3. Query Filtering: Block anomalous `INFORMATION_SCHEMA` queries via WAF.

4. Monitoring: Log repeated crashes or hangs.

Detection Commands

Check MySQL version:
mysql --version

Audit privileged users:
SELECT User, Host FROM mysql.user WHERE Super_priv = 'Y';

Monitor crash logs:
grep -i "crash" /var/log/mysql/error.log
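
The version check above only prints a string; the following added example (not from the original page or from Oracle) classifies that string against the affected ranges this page lists. The function names and status words are hypothetical, and treating 9.0.x as "9.1.0 and prior" while reporting series the page does not name as "unlisted" is an assumption.

```sh
#!/bin/sh
# Added example (not from the original page): classify a MySQL version string
# against the ranges the page lists for CVE-2025-21529.
# Assumptions: 9.0.x counts as "9.1.0 and prior"; series the page does not
# name (5.7, 8.1-8.3, MariaDB 10.x/11.x, ...) are reported as "unlisted".

# Print the first x.y.z triple found in the input, or nothing.
mysql_triple() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1 || true
}

# Print one of: affected | newer | unlisted | unparsed
cve_2025_21529_status() (
    v=$(mysql_triple "$1")
    if [ -z "$v" ]; then
        echo unparsed
    else
        IFS=. read -r major minor patch <<EOF
$v
EOF
        case "$major.$minor" in
            8.0) if [ "$patch" -le 40 ]; then echo affected; else echo newer; fi ;;
            8.4) if [ "$patch" -le 3 ]; then echo affected; else echo newer; fi ;;
            9.0) echo affected ;;
            9.1) if [ "$patch" -eq 0 ]; then echo affected; else echo newer; fi ;;
            9.*) echo newer ;;
            *)   echo unlisted ;;
        esac
    fi
)

# Constructed sample inputs in the formats `mysql --version` prints.
for sample in \
    'mysql  Ver 8.0.40-0ubuntu0.22.04.1 for Linux on x86_64 ((Ubuntu))' \
    'mysql  Ver 8.4.4 for Linux on x86_64 (MySQL Community Server - GPL)' \
    'mysql  Ver 14.14 Distrib 5.7.44, for Linux (x86_64)'
do
    printf '%-9s %s\n' "$(cve_2025_21529_status "$sample")" "$sample"
done

# Live use: cve_2025_21529_status "$(mysql --version)"
```

`mysql --version` reports the client binary; passing the output of `SELECT VERSION();` from the server instead checks the component the CVE affects.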

Mitigation Script

-- Revoke excessive privileges:
REVOKE SUPER ON *.* FROM 'admin'@'%';
-- Enable query logging:
SET GLOBAL general_log = 'ON';

CVSS 4.0 Vector

`CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N`

Affected Configurations

  • MySQL Server with `information_schema` access enabled.
  • Default installations with high-privileged accounts.

References

  • Oracle Critical Patch Update (CPU) Jan 2025.
  • NVD CVE-2025-21529.

References:

Reported By: https://nvd.nist.gov/vuln/detail/CVE-2025-21529