CVE-2021-42390 : What You Need to Know

Learn about CVE-2021-42390, a Clickhouse vulnerability allowing divide-by-zero attacks. Discover impact, affected versions, and mitigation steps.

A divide-by-zero vulnerability in Clickhouse's DeltaDouble compression codec can be triggered when the server parses a malicious query, potentially leading to denial of service.

Understanding CVE-2021-42390

What is CVE-2021-42390?

CVE-2021-42390 is a divide-by-zero issue in Clickhouse's DeltaDouble compression codec that is reached when the server processes a malicious query: the first byte of the compressed buffer is used as the divisor in a modulo operation without first being checked for zero.

The Impact of CVE-2021-42390

This vulnerability has a CVSS base score of 6.5 (Medium) with a high availability impact. It can be exploited remotely with low privileges required, potentially causing a denial of service.

Technical Details of CVE-2021-42390

Vulnerability Description

The vulnerability lies in the handling of a compressed buffer's first byte within Clickhouse's DeltaDouble compression codec, allowing a divide-by-zero scenario.
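
The defensive pattern for this class of bug, as an added C++ example that is not Clickhouse's code: the first byte of an untrusted buffer is validated before it is used in a modulo. The `CodecHeader` struct, the `parse_header` function and the set of accepted widths (1, 2, 4, 8) are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical header for a delta-style codec (assumption for this example):
// byte 0 holds the element width in bytes, the payload follows.
struct CodecHeader {
    std::uint8_t element_width;  // width of one value in bytes
    std::size_t  bytes_to_skip;  // trailing bytes that do not fill a whole element
};

// Unsafe pattern: `uncompressed_size % source[0]` with no check. A first byte
// of 0 makes the modulo a division by zero, which is undefined behaviour in
// C++ and on x86 Linux typically raises SIGFPE and terminates the process.
//
// Hardened form: treat the first byte as untrusted input and validate it
// before it reaches any division or modulo. Returns false on a bad header.
bool parse_header(const std::vector<std::uint8_t>& source,
                  std::size_t uncompressed_size,
                  CodecHeader& out)
{
    if (source.empty())
        return false;  // no header byte to read

    const std::uint8_t width = source[0];

    // Rejects zero, and any width that is not a fixed-size value width
    // (the allowed set is an assumption of this example).
    if (width != 1 && width != 2 && width != 4 && width != 8)
        return false;

    out.element_width = width;
    out.bytes_to_skip = uncompressed_size % width;  // divisor is now non-zero
    return true;
}

int main()
{
    // Constructed sample buffers, not captured from a real server.
    const std::vector<std::uint8_t> ok  = {0x04, 0xAA, 0xBB, 0xCC, 0xDD};
    const std::vector<std::uint8_t> bad = {0x00, 0xAA, 0xBB, 0xCC, 0xDD};

    CodecHeader h{};
    const bool accepted = parse_header(ok, 10, h);    // width 4, skip 2
    const bool rejected = !parse_header(bad, 10, h);  // width 0 refused
    return (accepted && rejected) ? 0 : 1;
}
```

Rejecting the buffer with an error, rather than letting the arithmetic fault, keeps a malformed input from taking down the whole server process.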

Affected Systems and Versions

        Product: Clickhouse
        Vendor: Yandex
        Version: < 21.10.2.15-stable (custom)

Exploitation Mechanism

A threat actor can exploit this vulnerability by sending a specially crafted query to a system using the affected version, triggering the divide-by-zero condition.

Mitigation and Prevention

Immediate Steps to Take

        Update Clickhouse to a patched version (21.10.2.15-stable or later).
        Monitor network traffic for any unusual activities that could indicate exploitation attempts.

Long-Term Security Practices

        Regularly review and update security configurations and best practices for database systems.
        Conduct security assessments and penetration testing to identify and address vulnerabilities.

Patching and Updates

        Apply vendor-supplied patches promptly to address security vulnerabilities and protect systems from exploitation.
