Bloomberg’s Comdb2 Vulnerable to DoS Through Malicious Packets
Cisco Talos’ Vulnerability Discovery & Research team has disclosed five critical security vulnerabilities in Bloomberg’s Comdb2 open-source database that could allow attackers to cause denial-of-service conditions through specially crafted network packets.
The vulnerabilities, all affecting version 8.1 of the high-availability database system, have been successfully patched by Bloomberg following responsible disclosure protocols.
Critical Security Flaws Discovered in Database System
Bloomberg’s Comdb2, an open-source clustered database that supports advanced features including transactions, snapshots, and isolation through optimistic locking mechanisms, has been found to contain multiple security vulnerabilities that pose significant risks to database availability.
| CVE ID | Talos ID | Vulnerability Type |
|---|---|---|
| CVE-2025-36520 | TALOS-2025-2197 | Null Pointer Dereference |
| CVE-2025-35966 | TALOS-2025-2201 | Null Pointer Dereference |
| CVE-2025-48498 | TALOS-2025-2199 | Null Pointer Dereference |
| CVE-2025-46354 | TALOS-2025-2198 | Denial of Service |
| CVE-2025-36512 | TALOS-2025-2200 | Denial of Service |
The database system, widely used for high-availability applications, relies on clustering to keep operating continuously under normal circumstances.
The discovered vulnerabilities primarily affect the database’s network communication protocols and its distributed transaction handling.
Security researchers found that an attacker can trigger these flaws simply by establishing a TCP connection to a database instance and sending malicious packets, which makes the attack vectors relatively straightforward to execute.
Three of the identified vulnerabilities involve null pointer dereference conditions that can crash the database service.
Two of these critical flaws specifically target the protocol buffer message handling system, while the third affects the distributed transaction component.
These vulnerabilities allow remote attackers to cause immediate service disruption without requiring authentication or special privileges.
The remaining two vulnerabilities focus on denial-of-service scenarios within the distributed transaction framework.
One targets the commit and abort operations, while another exploits the heartbeat mechanism used to maintain transaction coordination across distributed nodes.
Both vulnerabilities can be triggered through carefully crafted network packets sent to the database service.
Bloomberg has successfully addressed all identified vulnerabilities through software patches released in accordance with Cisco’s third-party vulnerability disclosure policy.
Organizations utilizing Comdb2 in production environments should immediately update to the latest patched version to mitigate potential security risks.
Cisco Talos has developed Snort detection rules capable of identifying exploitation attempts targeting these vulnerabilities.
Network administrators can download the latest rule sets from Snort.org to implement proactive monitoring and detection capabilities.
Additional vulnerability advisories and technical details remain available through Talos Intelligence’s official vulnerability reporting platform.