MonetDB
cpe:2.3:a:monetdb:monetdb:*:*:*:*:*:*:*
- v11.49.1
A denial-of-service vulnerability has been identified in MonetDB Server version 11.49.1. The issue arises in the exp_ref component, where attackers can cause the server to crash by sending specially crafted SQL statements. This vulnerability can be reproduced in a Docker environment using the MonetDB/MonetDB:Dec2023 image.
Exploitation of this vulnerability leads to a crash of the MonetDB server process, causing a denial-of-service condition where the database server is no longer available to handle requests.
The vulnerability can be reproduced by creating a table and then executing a DELETE statement that contains a subquery; processing this subquery crashes the server. The check can be automated with a shell script that runs the SQL statement through the MonetDB client, 'mclient', and then verifies whether the server process is still running.
Users can update to the latest version of MonetDB Server, as this vulnerability has been addressed in the December 2023 release.