Description
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
References (33)
Core 33
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209451
Vendor Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpuapr2020.html
Exploit, Third Party Advisory x_refsource_misc
https://worthdoingbadly.com/sqlitebug/
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209446
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1659379
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1659677
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html
Third Party Advisory x_refsource_confirm
https://www.synology.com/security/advisory/Synology_SA_18_61
Third Party Advisory x_refsource_misc
https://access.redhat.com/articles/3758321
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209443
Third Party Advisory x_refsource_misc
https://blade.tencent.com/magellan/index_en.html
Exploit, Third Party Advisory x_refsource_misc
https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html
Third Party Advisory x_refsource_misc
https://news.ycombinator.com/item?id=18685296
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209450
Patch, Third Party Advisory x_refsource_misc
https://sqlite.org/src/info/940f2adc8541a838
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209448
Third Party Advisory x_refsource_misc
https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e
Mailing List x_refsource_misc
https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106323
Permissions Required, Third Party Advisory x_refsource_misc
https://crbug.com/900910
Patch, Third Party Advisory x_refsource_misc
https://sqlite.org/src/info/d44318f59044162e
Third Party Advisory vendor-advisory
x_refsource_freebsd
https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc
Third Party Advisory x_refsource_misc
https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
Release Notes, Vendor Advisory x_refsource_misc
https://www.sqlite.org/releaselog/3_25_3.html
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209447
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201904-21
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4019-1/
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4019-2/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10365
Scores
CVSS v3
8.1
EPSS
0.1321
EPSS Percentile
94.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (6)
debian/debian_linux
8.0
google/chrome
< 71.0.3578.80
opensuse/leap
15.0
opensuse/leap
42.3
redhat/linux
6.0
sqlite/sqlite
< 3.25.3
Published
Dec 21, 2018
Tracked Since
Feb 18, 2026