Bug 624164 (CVE-2017-10989) - <dev-db/sqlite-3.17.0: buffer over-reads were recently discovered
Alias: CVE-2017-10989
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Whiteboard: B3 [noglsa cve]
Depends on:
Reported: 2017-07-07 18:45 UTC by Christopher Díaz Riveros (RETIRED)
Modified: 2017-11-03 19:48 UTC
Runtime testing required: ---

sqlite-3.19.3-CVE-2017-10989.patch (1.26 KB, patch)
2017-07-16 09:31 UTC, Andrey Ovcharov

Description Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-07-07 18:45:41 UTC
[Suggested description]
Undersize RTree blobs in a maliciously-constructed SQLite3 database file
may allow buffer-overreads, un-initialized data use, or possibly other
unspecified behaviour.


Comment 1 Arfrever Frehtes Taifersar Arahesis 2017-07-07 20:35:27 UTC
According to that discussion the bug is not reproducible in SQLite >=3.17.0.
SQLite 3.17.0 is already stable.
Comment 2 Andrey Ovcharov 2017-07-16 08:53:40 UTC
> bug is not reproducible in SQLite >=3.17.0.

"The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact."

Ok. So as you say.
Comment 3 Andrey Ovcharov 2017-07-16 09:31:24 UTC
Created attachment 485076

Upstream patch
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2017-10-30 00:15:57 UTC
@maintainers, please clean the vulnerable versions.
Comment 5 Arfrever Frehtes Taifersar Arahesis 2017-11-01 21:11:19 UTC
Old versions deleted.