CVE-2020-13871: Use After Free in External Sqlite

CWE-416: Use After Free | 15 documents | 10 sources

Severity: 7.5 HIGH (NVD)
EPSS: 2.4% (top 14.81%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Jun 6
Latest update: May 24

Description

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (10 packages)

Android: platform/external_sqlite, 11:0, 11:2021-11-01
Debian: ghost/sqlite3, < 3.32.2-2+3
NVD: sqlite/sqlite, 3.32.2

Also affects: Debian Linux 9.0, Fedora 33

Patches

🔴 Vulnerability Details (4)

GHSA: GHSA-wjq2-9xcc-v8x3: SQLite 3 (2022-05-24)
OSV: CVE-2020-13871: In resetAccumulator of select (2021-11-01)
OSV: CVE-2020-13871: SQLite 3 (2020-06-06)
CVEList: CVE-2020-13871: SQLite 3 (2020-06-06)

📋 Vendor Advisories (6)

Android: CVE-2020-13871: Android Security Bulletin 2021-11-01. CVE: CVE-2020-13871, Severity: HIGH, Type: ID, Affected AOSP versions: 11, References: A-192606047 (2021-11-01)
Oracle: Oracle Communications Applications Risk Matrix: Message Store (SQLite) — CVE-2020-13871 (2021-04-15)
Oracle: Oracle Communications Applications Risk Matrix: Common (SQLite) — CVE-2020-13871 (2021-01-15)
Chrome: Chrome for Android Update: CVE-2020-15993 (2020-10-13)
Red Hat: sqlite: use-after-free in resetAccumulator in select.c (2020-06-05)

💬 Community (4)

Bugzilla: CVE-2020-13871 sqlite2: sqlite: use-after-free in resetAccumulator in select.c [fedora-all] (2020-06-09)
Bugzilla: CVE-2020-13871 mingw-sqlite: sqlite: use-after-free in resetAccumulator in select.c [fedora-all] (2020-06-09)
Bugzilla: CVE-2020-13871 sqlite: use-after-free in resetAccumulator in select.c (2020-06-09)
Bugzilla: CVE-2020-13871 sqlite: use-after-free in resetAccumulator in select.c [fedora-all] (2020-06-09)