CVE-2017-10989Out-of-bounds Read in Sqlite

CWE-125Out-of-bounds ReadCWE-122Heap-based Buffer Overflow19 documents10 sources
Severity
9.8CRITICALNVD
EPSS
12.5%
top 6.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Ghost Sqlite3Sqlite
Timeline
PublishedJul 7
Latest updateMay 13

Description

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

Debianghost/sqlite3< 3.19.3-3+3
NVDsqlite/sqlite3.19.3

Patches

Patch: marc.infoPatch: bugs.launchpad.netPatch: sqlite.org

🔴Vulnerability Details

3
GHSA
GHSA-rp6h-mxcc-96r2: The getNodeSize function in ext/rtree/rtree2022-05-13
CVEList
CVE-2017-10989: The getNodeSize function in ext/rtree/rtree2017-07-07
OSV
CVE-2017-10989: The getNodeSize function in ext/rtree/rtree2017-07-07

📋Vendor Advisories

9
Ubuntu
SQLite vulnerabilities2019-06-19
Ubuntu
SQLite vulnerabilities2019-06-19
Apple
CVE-2017-10989: macOS High Sierra 10.132017-09-25
Apple
CVE-2017-10989: watchOS 42017-09-19
Apple
CVE-2017-10989: iOS 112017-09-19

💬Community

6
Bugzilla
CVE-2017-10989 mingw-sqlite: sqlite: Heap-buffer overflow in the getNodeSize function [epel-7]2017-07-11
Bugzilla
CVE-2017-10989 sqlite: Heap-buffer overflow in the getNodeSize function [fedora-all]2017-07-11
Bugzilla
CVE-2017-10989 mingw-sqlite: sqlite: Heap-buffer overflow in the getNodeSize function [fedora-all]2017-07-11
Bugzilla
CVE-2017-10989 sqlite: Heap-buffer overflow in the getNodeSize function2017-07-11
Bugzilla
CVE-2017-10989 sqlite2: sqlite: Heap-buffer overflow in the getNodeSize function [epel-all]2017-07-11
CVE-2017-10989 — Out-of-bounds Read in Sqlite | cvebase