oss-sec mailing list archives

sqlite: CVE-2018-20346: integer overflow (resulting in buffer overflow) for FTS3 queries


From: Salvatore Bonaccorso <carnil () debian org>
Date: Fri, 21 Dec 2018 22:47:06 +0100

Hi

MITRE has assigned CVE-2018-20346 for the vulnerabilities called "Magellan".
The description in the CVE database reads as:

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters
an integer overflow (and resultant buffer overflow) for FTS3 queries
that occur after crafted changes to FTS3 shadow tables, allowing
remote attackers to execute arbitrary code by leveraging the ability
to run arbitrary SQL statements (such as in certain WebSQL use cases),
aka Magellan.

Below are some references for the issue:

https://bugzilla.redhat.com/show_bug.cgi?id=1659379
https://bugzilla.redhat.com/show_bug.cgi?id=1659677
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html
https://blade.tencent.com/magellan/index_en.html
https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
https://crbug.com/900910
https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e
https://www.sqlite.org/releaselog/3_25_3.html
https://access.redhat.com/articles/3758321

Salvatore
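
A defender-side check for the two conditions in the CVE description above (a SQLite library older than 3.25.3 with FTS3 enabled), added here as an example and not part of the original post. The names `classify`, `probe` and `fts3_available` are hypothetical, and the check assumes the upstream version number is meaningful: a distribution package that backported the fix still reports its old version and has to be confirmed against the vendor advisory.

```python
import sqlite3

FIXED = (3, 25, 3)  # first fixed upstream release, per the CVE description


def fts3_available(conn):
    """Return True if this SQLite build can create an FTS3 virtual table."""
    try:
        conn.execute("CREATE VIRTUAL TABLE fts3_probe USING fts3(body)")
    except sqlite3.OperationalError:
        return False  # typically "no such module: fts3"
    conn.execute("DROP TABLE fts3_probe")
    return True


def classify(version, fts3_enabled):
    """Map (version tuple, FTS3 flag) to a triage status string."""
    if not fts3_enabled:
        return "fts3-not-enabled"
    if tuple(version) < FIXED:
        return "affected-by-version"  # upgrade, or confirm a backported fix
    return "fixed-by-version"


def probe():
    """Inspect the SQLite library linked into this Python interpreter."""
    conn = sqlite3.connect(":memory:")  # scratch database, nothing on disk
    try:
        text = conn.execute("SELECT sqlite_version()").fetchone()[0]
        version = tuple(int(part) for part in text.split(".")[:3])
        return version, fts3_available(conn)
    finally:
        conn.close()


if __name__ == "__main__":
    version, enabled = probe()
    print("SQLite %s, FTS3 enabled: %s -> %s"
          % (".".join(map(str, version)), enabled, classify(version, enabled)))
```

The probe only reports on the library this interpreter loads; applications that bundle their own SQLite copy need the same check run against that copy.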

