[CVE ID]
CVE-2024-37820
[PRODUCT]
PingCAP TiDB
[VERSION]
v8.2.0-alpha-216-gfe5858b
[PROBLEM TYPE]
buffer overflow
[DESCRIPTION]
PingCAP TiDB v8.2.0-alpha-216-gfe5858b was discovered to contain a buffer overflow vulnerability,
which could lead to database crashes and denial of service attacks.
The cause is that NewFunctionInternal (which is meant to create a new "in" function) in ColumnSubstituteImpl returns nil,
so the first argument of "case" is changed to nil, which causes this panic.
[Reference]
https://github.com/pingcap/tidb/issues/53580
[FIX]
https://github.com/pingcap/tidb/pull/53716
[Discoverer]
Jiaju Bai, Zixuan Fu, Hongbo Feng, Jianwei Liu