Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2018-20346

Disclosure Date: December 21, 2018 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

debian,
google,
opensuse,
redhat,
sqlite

Products

chrome,
debian linux 8.0,
leap 15.0,
leap 42.3,
linux 6.0,
sqlite

References

Canonical

CVE-2018-20346 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346)

BID-106323 (http://www.securityfocus.com/bid/106323)

Advisory

https://support.apple.com/HT209446

[debian-lts-announce] 20181222 [SECURITY] [DLA 1613-1] sqlite3 security update (https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html)

https://www.synology.com/security/advisory/Synology_SA_18_61

https://support.apple.com/HT209443

https://support.apple.com/HT209451

https://support.apple.com/HT209450

https://support.apple.com/HT209448

https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html

https://support.apple.com/HT209447

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html

GLSA-201904-21 (https://security.gentoo.org/glsa/201904-21)

USN-4019-1 (https://usn.ubuntu.com/4019-1)

USN-4019-2 (https://usn.ubuntu.com/4019-2)

FEDORA-2019-49f80a78bc (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK)

[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update (https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html)

USN-4019-1 (https://usn.ubuntu.com/4019-1/)

USN-4019-2 (https://usn.ubuntu.com/4019-2/)

FEDORA-2019-49f80a78bc (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/)

https://kc.mcafee.com/corporate/index?page=content&id=SB10365

Miscellaneous

https://worthdoingbadly.com/sqlitebug

https://bugzilla.redhat.com/show_bug.cgi?id=1659379

https://bugzilla.redhat.com/show_bug.cgi?id=1659677

https://access.redhat.com/articles/3758321

https://blade.tencent.com/magellan/index_en.html

https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html

https://news.ycombinator.com/item?id=18685296

https://sqlite.org/src/info/940f2adc8541a838

https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e

https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html

https://crbug.com/900910

https://sqlite.org/src/info/d44318f59044162e

https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc

https://www.sqlite.org/releaselog/3_25_3.html

https://www.oracle.com/security-alerts/cpuapr2020.html

https://worthdoingbadly.com/sqlitebug/

Rapid7

Technical Analysis