CVE-2020-9327
Severity
7.5HIGH
EPSS
1.0%
top 23.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 21
Latest updateMay 24
Description
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6
Affected Packages10 packages
Also affects: Ubuntu Linux 16.04, 18.04, 19.10
Patches
🔴Vulnerability Details
3📋Vendor Advisories
4Red Hat▶
sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations↗2020-02-21
Microsoft▶
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.↗2020-02-11
Debian▶
CVE-2020-9327: sqlite3 - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL poi...↗2020
💬Community
4Bugzilla▶
CVE-2020-9327 sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations [fedora-all]↗2020-05-26
Bugzilla▶
CVE-2020-9327 mingw-sqlite: sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations [fedora-all]↗2020-03-02
Bugzilla▶
CVE-2020-9327 sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations↗2020-03-02
Bugzilla▶
CVE-2020-9327 sqlite3: sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations [fedora-all]↗2020-03-02