Multiple vulnerabilities in SQLite



Published: 2020-04-20 | Updated: 2020-05-24
Risk High
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2020-11655
CVE-2020-11656
CWE-ID CWE-20
CWE-416
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
SQLite
Server applications / Database software

Vendor SQLite

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

Updated: 24.05.2020

Changed bulletin status to patched.

1) Input validation error

EUVDB-ID: #VU27023

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-11655

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when the AggInfo object's initialization is mishandled. A remote attacker can pass specially crafted input via a malformed window-function query to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SQLite: 3.31.0 - 3.31.1


CPE2.3 External links

http://security.netapp.com/advisory/ntap-20200416-0001/
http://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11
http://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Use-after-free

EUVDB-ID: #VU27024

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-11656

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the ALTER TABLE implementation. A remote attacker can execute arbitrary code on the target system, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SQLite: 3.8.0 - 3.31.1


CPE2.3 External links

http://security.netapp.com/advisory/ntap-20200416-0001/
http://www.sqlite.org/src/info/d09f8c3621d5f7f8
http://www3.sqlite.org/cgi/src/info/b64674919f673602

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###