Описание
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| noble | DNE | |
| oracular | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.46.1-4 |
| esm-infra-legacy/trusty | released | 3.8.2-1ubuntu2.2+esm5 |
| esm-infra/bionic | released | 3.22.0-1ubuntu0.7+esm2 |
| esm-infra/focal | released | 3.31.1-4ubuntu0.7 |
| esm-infra/xenial | released | 3.11.0-1ubuntu1.5+esm3 |
| focal | released | 3.31.1-4ubuntu0.7 |
| jammy | released | 3.37.2-2ubuntu0.4 |
| noble | released | 3.45.1-1ubuntu2.3 |
| oracular | released | 3.46.1-1ubuntu0.2 |
| plucky | released | 3.46.1-3ubuntu0.1 |
Показывать по
EPSS
5.6 Medium
CVSS3
Связанные уязвимости
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_ ...
An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component
Уязвимость функции sqlite3_db_config() файла sqlite3.c системы управления базами данных SQLite, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.6 Medium
CVSS3