MonetDB Server Denial-of-Service Vulnerability in Tail Type Component

A denial-of-service vulnerability has been identified in MonetDB Server version 11.49.1. The issue arises in the tail_type component, where attackers can cause the server to crash by sending crafted SQL statements. This vulnerability can be reproduced by executing a specific SQL query that exploits the group's handling within the query processing engine.

Impact

Exploitation of this vulnerability leads to a crash of the MonetDB server process, causing a denial-of-service condition where the database server becomes unresponsive and unavailable for handling requests.

Reproduction

The vulnerability can be reproduced by running a specific SQL query that includes a 'GROUP BY' clause with a subquery. This query can be executed using the MonetDB command-line client (mclient) after setting up a MonetDB server instance with the Dec2023 Docker image. The process involves creating a new Docker container, initializing the database, and then executing the crafted SQL query, which triggers the server crash.

Remediation

Users can update to MonetDB Server version Dec2023-SP3, where this issue has been fixed.