11 comments

[ 3.9 ms ] story [ 32.8 ms ] thread
Can it be link to CVE-2021-3156 ?

10 years old sudo vulnerability.

No, it can’t. To exploit this vulnerability, you need the ability to run shell commands/arbitrary code on the system. Google Cloud SQL only lets you run SQL, and I would expect the servers to be locked down pretty heavily when it comes to non-database stuff.
Thanks for the info. It must be a coincidence then. The timing looked like there was a possibility
The vulnerability was announced on Tuesday. And vulnerabilities typically don’t cause unplanned outages like this.
> Instance creation, operations, and queries in us-central1 region may result in 502 (backend timeout) or 503 (service unavailable) errors.
Not seeing any issues in my side project's instance (us-central1-b).
Looks like something common between the control plane and data plane failed or there is a run-time dependency between the two (bad!) and that dependency failed.
how did you conclude that? Also, why is it bad to have common runtime dependencies between two services? Unless you mean a shared service.