Описание
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| sqlite3 | fixed | 3.30.1+fossil191229-1 | package | |
| sqlite3 | fixed | 3.27.2-3+deb10u1 | buster | package |
| sqlite3 | not-affected | stretch | package | |
| sqlite3 | not-affected | jessie | package | |
| sqlite | not-affected | package | ||
| chromium | fixed | 80.0.3987.106-1 | package | |
| chromium | end-of-life | stretch | package |
Примечания
https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35
EPSS
Связанные уязвимости
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
Уязвимость функции flattenSubquery() системы управления базами данных SQLite, связанная с разыменованием указателя null, позволяющая нарушителю вызвать отказ в обслуживании
EPSS