Ubuntu update for SQLite
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2017-2518 CVE-2017-2520 CVE-2018-20505 CVE-2018-20346 CVE-2018-20506 CVE-2019-8457 CVE-2019-9936 CVE-2019-9937 CVE-2017-10989 CVE-2017-13685 CVE-2017-2519 CVE-2016-6153 |
| CWE-ID | CWE-120 CWE-89 CWE-125 CWE-476 CWE-122 CWE-20 CWE-119 CWE-399 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #10 is available. |
| Vulnerable software Subscribe |
sqlite3 (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU6582
Risk: High
CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2518
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to buffer overflow when processing SQL queries. A remote attacker can send specially crafted SQL queries, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to gain complete control over affected system.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU6584
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2520
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to buffer overflow when processing SQL queries. A remote attacker can send specially crafted SQL queries, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to gain complete control over affected system.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) SQL injection
EUVDB-ID: #VU17163
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20505
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the SQLite component. A remote attacker can send a specially specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) SQL injection
EUVDB-ID: #VU17162
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20346
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the SQLite component. A remote attacker can send a specially specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) SQL injection
EUVDB-ID: #VU17164
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20506
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the SQLite component. A remote attacker can send a specially specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU18657
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-8457
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service attack.
The vulnerability exists due to a boundary condition in rtreenode() function when handling invalid rtree tables. A remote attacker can send a specially crafted request to the application, trigger heap out-of-bounds read crash the application.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds read
EUVDB-ID: #VU18059
Risk: Low
CVSSv3.1: 2 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-9936
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the fts5HashEntrySort in sqlite3.c when running fts5 prefix queries inside a transaction. A remote user with ability to send queries can trigger heap-based buffer over-read error and read contents of memory on the system.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) NULL pointer dereference
EUVDB-ID: #VU18060
Risk: Medium
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-9937
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dreference error when processing interleaving reads and writes in a single transaction with an fts5 virtual table in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c. A remote attacker can perform a denial of service (DoS) attack.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Heap-based buffer overflow
EUVDB-ID: #VU18574
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-10989
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to crash the application or gain access to sensitive data.
The vulnerability exists due to a boundary error in the getNodeSize() function in ext/rtree/rtree.c when handling undersized RTree blobs. A local user can supply a specially crafted database to the affected application, trigger heap-based out of bounds read and crash the application or gain access to sensitive data.
Update the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU18960
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-13685
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the "dump_callback" function. A local user can submit malicious input and cause a denial of service (DoS) condition on a targeted system.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
11) Memory corruption
EUVDB-ID: #VU6585
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2519
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing SQL queries. A remote attacker can send specially crafted SQL queries, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to gain complete control over affected system.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Resource management error
EUVDB-ID: #VU20866
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6153
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack or gain access to sensitive information.
The vulnerability exists due to the application improperly implements the temporary directory search algorithm. A local user can make the application use the current working directory for storing temporary files and gain access to sensitive information or perform denial of service attack.
MitigationUpdate the affected packages.
- Ubuntu 19.04
- libsqlite3-0 - 3.27.2-2ubuntu0.1
- sqlite3 - 3.27.2-2ubuntu0.1
- Ubuntu 18.10
- libsqlite3-0 - 3.24.0-1ubuntu0.1
- sqlite3 - 3.24.0-1ubuntu0.1
- Ubuntu 18.04 LTS
- libsqlite3-0 - 3.22.0-1ubuntu0.1
- sqlite3 - 3.22.0-1ubuntu0.1
- Ubuntu 16.04 LTS
- libsqlite3-0 - 3.11.0-1ubuntu1.2
- sqlite3 - 3.11.0-1ubuntu1.2
sqlite3 (Ubuntu package): 3.11.0-1ubuntu1 - 3.11.0-1ubuntu1.1
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
