SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html cve-icon cve-icon
http://www.securityfocus.com/bid/106323 cve-icon cve-icon
https://access.redhat.com/articles/3758321 cve-icon cve-icon cve-icon
https://blade.tencent.com/magellan/index_en.html cve-icon cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=1659379 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=1659677 cve-icon cve-icon
https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html cve-icon cve-icon cve-icon
https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e cve-icon cve-icon
https://crbug.com/900910 cve-icon cve-icon
https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10365 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/ cve-icon cve-icon
https://news.ycombinator.com/item?id=18685296 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2018-20346 cve-icon
https://security.gentoo.org/glsa/201904-21 cve-icon cve-icon
https://sqlite.org/src/info/940f2adc8541a838 cve-icon cve-icon
https://sqlite.org/src/info/d44318f59044162e cve-icon cve-icon
https://support.apple.com/HT209443 cve-icon cve-icon
https://support.apple.com/HT209446 cve-icon cve-icon
https://support.apple.com/HT209447 cve-icon cve-icon
https://support.apple.com/HT209448 cve-icon cve-icon
https://support.apple.com/HT209450 cve-icon cve-icon
https://support.apple.com/HT209451 cve-icon cve-icon
https://usn.ubuntu.com/4019-1/ cve-icon cve-icon
https://usn.ubuntu.com/4019-2/ cve-icon cve-icon
https://worthdoingbadly.com/sqlitebug/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2018-20346 cve-icon
https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc cve-icon cve-icon
https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuapr2020.html cve-icon cve-icon
https://www.sqlite.org/releaselog/3_25_3.html cve-icon cve-icon
https://www.synology.com/security/advisory/Synology_SA_18_61 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-12-21T21:00:00

Updated: 2024-08-05T11:58:19.161Z

Reserved: 2018-12-21T00:00:00

Link: CVE-2018-20346

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-12-21T21:29:00.243

Modified: 2023-11-07T02:56:16.353

Link: CVE-2018-20346

cve-icon Redhat

Severity : Important

Publid Date: 2018-12-04T00:00:00Z

Links: CVE-2018-20346 - Bugzilla