Описание
An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component
An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-29088
- https://github.com/sqlite/sqlite/commit/56d2fd008b108109f489339f5fd55212bb50afd4
- https://gist.github.com/ylwango613/d3883fb9f6ba8a78086356779ce88248
- https://sqlite.org/forum/forumpost/48f365daec
- https://sqlite.org/releaselog/3_49_1.html
- https://www.sqlite.org/cves.html
Связанные уязвимости
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_ ...
Уязвимость функции sqlite3_db_config() файла sqlite3.c системы управления базами данных SQLite, позволяющая нарушителю вызвать отказ в обслуживании