MonetDB Server Denial-of-Service Vulnerability in HEAP_malloc Component

A denial-of-service vulnerability has been identified in MonetDB Server version 11.49.1. The issue arises in the HEAP_malloc component, where attackers can cause the server to crash by sending crafted SQL statements. This vulnerability can be reproduced by creating a table with a specific SQL query, inserting data, and then executing a series of SQL commands that trigger the crash. The problem has been acknowledged as a bug in the Dec2023-SP1 release.

Impact

Exploitation of this vulnerability leads to a crash of the MonetDB server, causing a denial-of-service condition where the server is no longer available to handle requests.

Reproduction

The vulnerability can be reproduced by running a Docker container with the MonetDB Jun2023-SP2 image. After starting the container, set up the database admin password and wait for the server to fully start. Once the server is running, execute a series of SQL commands that include creating a table, inserting data, and performing operations that trigger the HEAP_malloc crash. This can be done by piping the SQL commands into the MonetDB client (mclient) connected to the database.