MonetDB
cpe:2.3:a:monetdb:monetdb:*:*:*:*:*:*:*
- v11.49.1
A denial-of-service vulnerability has been identified in MonetDB Server version 11.49.1, specifically within the exp_bin component. An attacker who can submit SQL to the server can crash it with crafted statements. The reported trigger is creating a table and executing a SELECT statement that combines certain SQL functions and operations, such as a median calculation and window functions, which causes the crash.
Exploitation of this vulnerability leads to a crash of the MonetDB server process, causing a denial-of-service condition where the server is no longer available to handle requests.
The reported reproduction environment is a Docker container running the MonetDB image version Dec2023. After the database and user credentials are set up, the crafted SQL statement is executed through the MonetDB command-line client (mclient), which triggers the server crash. The crash is confirmed by checking that the MonetDB server process is no longer running.