CVE-2025-61029

An attacker sends a crafted `CREATE TABLE` statement containing a complex `CHECK` constraint with nested subqueries, arithmetic expressions, and `CASE`/`IN` clauses [ref_id=1]. The statement is submitted via the `isql` client to the Virtuoso server on port 1111. The malformed SQL causes a crash in the `sqlo_untry` function during query compilation, resulting in a denial of service. No authentication is required beyond the default DBA credentials used in the reproduction steps.

The crash occurs in the `sqlo_untry` function (frame #0 of the backtrace), called from `sqlo_layout_1` and `sqlo_top_2` during SQL statement compilation. The issue is triggered when the DDL parser processes a crafted `CREATE TABLE` statement with deeply nested subqueries inside `CHECK` constraints, ultimately reaching `ddl_table_check_constraints_define_triggers` (frame #8).

The advisory does not include a patch. The vendor has been notified via the GitHub issue [ref_id=1], but no fix commit or remediation guidance is published as of the advisory date. Users should monitor the upstream repository for a future patch or restrict access to the DDL interface to trusted clients only.