[CVE ID]
CVE-2024-41434
[PRODUCT]
PingCAP TiDB
[VERSION]
v8.1.0
[PROBLEM TYPE]
buffer overflow
[DESCRIPTION]
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow vulnerability,
which could lead to database crashes and denial of service attacks.
The cause is that when the planner calls 'RemoveUnnecessaryFirstRow',
it checks the expression between 'Agg' and 'GroupBy',
but it does not check the return type, so it wrongly treats a 'FirstRow' as unnecessary.
[Reference]
https://github.com/pingcap/tidb/issues/53733
[FIX]
https://github.com/pingcap/tidb/pull/54067
[Discoverer]
Jiaju Bai, Zixuan Fu, Hongbo Feng, Jianwei Liu
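
The check described in [DESCRIPTION], as a simplified model added here for illustration; it is not TiDB's code and not part of the original advisory. The types `Expr` and `Agg`, the function `pruneFirstRow`, the sample plan fragment and the assumption that the missing check is a type-equality comparison are all hypothetical.

```go
package main

import "fmt"

// Expr is a simplified stand-in for a planner expression: a canonical
// text form plus the type it evaluates to. Hypothetical, not TiDB's type.
type Expr struct {
	Text string
	Type string
}

// Agg is a simplified aggregate: function name, argument, declared return type.
type Agg struct {
	Name    string
	Arg     Expr
	RetType string
}

// pruneFirstRow returns the aggregates that survive pruning. A firstrow(x)
// is dropped when x matches a GROUP BY item, because the parent can read the
// group-by column instead. With checkType false only the expression text is
// compared (the behaviour the advisory describes); with checkType true the
// aggregate's return type must also equal the group-by item's type.
func pruneFirstRow(aggs []Agg, groupBy []Expr, checkType bool) []Agg {
	var kept []Agg
	for _, a := range aggs {
		if a.Name == "firstrow" && matches(a, groupBy, checkType) {
			continue // treated as unnecessary and removed
		}
		kept = append(kept, a)
	}
	return kept
}

func matches(a Agg, groupBy []Expr, checkType bool) bool {
	for _, g := range groupBy {
		if g.Text == a.Arg.Text && (!checkType || g.Type == a.RetType) {
			return true
		}
	}
	return false
}

func main() {
	// Constructed plan fragment: the aggregate returns BIGINT, the group-by column is INT.
	groupBy := []Expr{{"t.c0", "INT"}}
	aggs := []Agg{{"firstrow", Expr{"t.c0", "INT"}, "BIGINT"}, {"count", Expr{"t.c1", "INT"}, "BIGINT"}}
	fmt.Println("text-only match keeps:", len(pruneFirstRow(aggs, groupBy, false)))
	fmt.Println("type-checked match keeps:", len(pruneFirstRow(aggs, groupBy, true)))
}
```

With the text-only comparison the `firstrow` aggregate is removed even though its consumers expect a different type than the group-by column provides; the type-checked comparison keeps it.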