Summary: | <dev-db/sqlite-3.17.0: buffer over-reads were recently discovered
---|---
Product: | Gentoo Security
Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr>
Component: | Vulnerabilities
Assignee: | Gentoo Security <security>
Status: | RESOLVED FIXED
Severity: | normal
CC: | arfrever.fta, proxy-maint, sudormrfhalt
Priority: | Normal
Version: | unspecified
Hardware: | All
OS: | Linux
URL: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10989
Whiteboard: | B3 [noglsa cve]
Package list: |
Runtime testing required: | ---

According to that discussion the bug is not reproducible in SQLite >=3.17.0. SQLite 3.17.0 is already stable.

> bug is not reproducible in SQLite >=3.17.0.

https://nvd.nist.gov/vuln/detail/CVE-2017-10989

"The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact."

Ok. So as you say.

Created attachment 485076
sqlite-3.19.3-CVE-2017-10989.patch

Upstream patch

@maintainers, please clean the vulnerable versions.

Old versions deleted.

[Suggested description]
Undersize RTree blobs in a maliciously-constructed SQLite3 database file may allow buffer-overreads, un-initialized data use, or possibly other unspecified behaviour.

References:
> https://sqlite.org/src/vpatch?from=0db20efe201736b3&to=66de6f4a9504ec26
> https://sqlite.org/src/info/66de6f4a
> https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1700937
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2405
> http://marc.info/?l=sqlite-users&m=149933696214713&w=2
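
The length checks that "undersize RTree blobs" call for, shown as an added C example; this is not SQLite's code and not the upstream patch attached to this bug. It assumes the R-tree node layout (2 bytes of depth, a 2-byte big-endian cell count, then cells of an 8-byte id plus two 4-byte coordinates per dimension); all function and constant names are hypothetical, and the sample node is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result codes for this example (hypothetical names, not SQLite's). */
enum { NODE_OK = 0, NODE_UNDERSIZE = -1, NODE_CORRUPT = -2 };

/* Bytes per cell: 8-byte id plus two 4-byte coordinates per dimension. */
static size_t cell_bytes(unsigned n_dim) { return 8 + (size_t)n_dim * 2 * 4; }

/* Validate a node blob from an untrusted file before reading any cell.
 * blob_len is what the row really holds; node_size is what the reader expects. */
int rtree_node_check(const uint8_t *blob, size_t blob_len, size_t node_size,
                     unsigned n_dim, unsigned *n_cell)
{
    if (n_dim < 1 || n_dim > 5) return NODE_CORRUPT;  /* R-tree allows 1..5 dimensions */
    /* Bug class from the report: blob shorter than the size the reader assumes. */
    if (blob == NULL || blob_len < 4 || blob_len < node_size) return NODE_UNDERSIZE;
    unsigned count = ((unsigned)blob[2] << 8) | blob[3];  /* bytes 2..3, big-endian */
    /* The count comes from the file too: it must fit in the bytes present. */
    if (count > (blob_len - 4) / cell_bytes(n_dim)) return NODE_CORRUPT;
    *n_cell = count;
    return NODE_OK;
}

/* Bounds-checked read of the 8-byte big-endian id of cell i. */
int rtree_cell_id(const uint8_t *blob, size_t blob_len, unsigned n_dim,
                  unsigned i, uint64_t *id)
{
    if (blob == NULL || n_dim < 1 || n_dim > 5 || blob_len < 4) return NODE_CORRUPT;
    size_t cb = cell_bytes(n_dim);
    /* Cell i must lie entirely inside the blob; this also rules out overflow. */
    if (i >= (blob_len - 4) / cb) return NODE_CORRUPT;
    const uint8_t *p = blob + 4 + (size_t)i * cb;
    uint64_t v = 0;
    for (int k = 0; k < 8; k++) v = (v << 8) | p[k];
    *id = v;
    return NODE_OK;
}

/* Constructed sample: 2-D node, one cell with id 42 (coordinates zeroed). */
static const uint8_t sample[28] = { 0, 0, 0, 1,  0, 0, 0, 0, 0, 0, 0, 42 };

int main(void)
{
    unsigned n = 0;
    printf("exact size: %d\n", rtree_node_check(sample, sizeof sample, 28, 2, &n));
    printf("reader expects 64 bytes: %d\n",
           rtree_node_check(sample, sizeof sample, 64, 2, &n));
    return 0;
}
```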