CPANSA-DBD-SQLite-2018-20346: DBD-SQLite vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2018-12-21T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
| Current release date | 2018-12-21T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | 8.1 | Severity | High |
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
Vulnerabilities
CVE-2018-20346
Vulnerability DescriptionSQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
| Weakness | CWE-190 : Integer Overflow or Wraparound |
|---|
Product status
Known affected
| Product | Score | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DBD-SQLite less than 1.61_01 |
|
Fixed
- DBD-SQLite greater than or equal 1.61_01
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-DBD-SQLite-2018-20346 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2018/cpansa-dbd-sqlite-2018-20346.json - https://www.sqlite.org/releaselog/3_25_3.html external
https://www.sqlite.org/releaselog/3_25_3.html - https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html external
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html - https://crbug.com/900910 external
https://crbug.com/900910 - https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e external
https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e - https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html external
https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html - https://bugzilla.redhat.com/show_bug.cgi?id=1659677 external
https://bugzilla.redhat.com/show_bug.cgi?id=1659677 - https://bugzilla.redhat.com/show_bug.cgi?id=1659379 external
https://bugzilla.redhat.com/show_bug.cgi?id=1659379 - https://blade.tencent.com/magellan/index_en.html external
https://blade.tencent.com/magellan/index_en.html - https://access.redhat.com/articles/3758321 external
https://access.redhat.com/articles/3758321 - https://worthdoingbadly.com/sqlitebug/ external
https://worthdoingbadly.com/sqlitebug/ - https://sqlite.org/src/info/d44318f59044162e external
https://sqlite.org/src/info/d44318f59044162e - https://sqlite.org/src/info/940f2adc8541a838 external
https://sqlite.org/src/info/940f2adc8541a838 - https://news.ycombinator.com/item?id=18685296 external
https://news.ycombinator.com/item?id=18685296 - https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html external
https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html - https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html external
https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html - https://www.synology.com/security/advisory/Synology_SA_18_61 external
https://www.synology.com/security/advisory/Synology_SA_18_61 - http://www.securityfocus.com/bid/106323 external
http://www.securityfocus.com/bid/106323 - https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc external
https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc - http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html external
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html - http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html external
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html - https://security.gentoo.org/glsa/201904-21 external
https://security.gentoo.org/glsa/201904-21 - https://usn.ubuntu.com/4019-1/ external
https://usn.ubuntu.com/4019-1/ - https://usn.ubuntu.com/4019-2/ external
https://usn.ubuntu.com/4019-2/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/ external
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/ - https://support.apple.com/HT209448 external
https://support.apple.com/HT209448 - https://support.apple.com/HT209447 external
https://support.apple.com/HT209447 - https://support.apple.com/HT209446 external
https://support.apple.com/HT209446 - https://support.apple.com/HT209451 external
https://support.apple.com/HT209451 - https://support.apple.com/HT209443 external
https://support.apple.com/HT209443 - https://support.apple.com/HT209450 external
https://support.apple.com/HT209450 - https://www.oracle.com/security-alerts/cpuapr2020.html external
https://www.oracle.com/security-alerts/cpuapr2020.html - https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html external
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html - https://kc.mcafee.com/corporate/index?page=content&id=SB10365 external
https://kc.mcafee.com/corporate/index?page=content&id=SB10365 - CVE-2018-20346 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2018-20346
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Fri Dec 21 00:00:00 2018 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/