Heap-based buffer overflow in sqlite (Alpine package)



Published: 2017-10-02
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-10989
CWE-ID CWE-122
Exploitation vector Local
Public exploit N/A
Vulnerable software
sqlite (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Heap-based buffer overflow

EUVDB-ID: #VU18574

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10989

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a local user to crash the application or gain access to sensitive data.

The vulnerability exists due to a boundary error in the getNodeSize() function in ext/rtree/rtree.c when handling undersized RTree blobs. A local user can supply a specially crafted database to the affected application, trigger a heap-based out-of-bounds read, and crash the application or gain access to sensitive data.
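As an added illustration (not the bulletin's or SQLite's own code), a C sketch of the defensive check this class of bug calls for: reject an undersized root blob before its length becomes the node size, and check a node's announced cell count against the blob before reading cells. The node layout, the 448-byte floor and the helper names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed layout (hypothetical, not SQLite's code): 4-byte header with a
 * big-endian cell count at bytes 2..3, then fixed-size cells; the root
 * blob's length defines the node size for the whole tree. */
#define NODE_HDR_LEN  4
#define MIN_NODE_SIZE 448   /* assumed floor (512 - 64) */

/* Derive the node size from the root blob. Rejecting an undersized blob
 * here is the fix: a too-small size otherwise drives later reads past
 * the end of node buffers. Returns 0, or -1 for an undersized blob. */
int rtree_node_size_from_root(size_t nRootLen, size_t *pNodeSize){
  if( nRootLen<MIN_NODE_SIZE ) return -1;
  *pNodeSize = nRootLen;
  return 0;
}

/* Read a node's cell count only after confirming the blob holds a full
 * node, and reject a count whose cells would not fit. Returns -1 on error. */
int rtree_node_cells(const uint8_t *zData, size_t nData,
                     size_t nNodeSize, size_t nCellSize){
  if( zData==NULL || nNodeSize<NODE_HDR_LEN || nData<nNodeSize ) return -1;
  int nCell = (zData[2]<<8) | zData[3];
  if( nCellSize==0 || (size_t)nCell*nCellSize>nNodeSize-NODE_HDR_LEN ) return -1;
  return nCell;
}

/* Constructed 512-byte node announcing nCellClaimed cells of 24 bytes
 * (8-byte id plus two dimensions of two 4-byte coordinates). */
int demo_node(int nCellClaimed){
  uint8_t blob[512];
  size_t nodeSize;
  memset(blob, 0, sizeof blob);
  blob[2] = (uint8_t)(nCellClaimed>>8);
  blob[3] = (uint8_t)(nCellClaimed&0xff);
  if( rtree_node_size_from_root(sizeof blob, &nodeSize)!=0 ) return -1;
  return rtree_node_cells(blob, sizeof blob, nodeSize, 24);
}

/* Constructed root blob of nRootLen bytes; small values model the bug. */
int demo_root(size_t nRootLen){
  size_t nodeSize;
  return rtree_node_size_from_root(nRootLen, &nodeSize);
}
```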


Mitigation

Install the update from the vendor's website.

Vulnerable software versions

sqlite (Alpine package): 3.8.10.2-r0 - 3.20.0-r0

External links

http://git.alpinelinux.org/aports/commit/?id=d0e6ab95d3bd62ff2a28b3f6bfbbc29a01b4c70e
http://git.alpinelinux.org/aports/commit/?id=fce8469b84986c40de6a743e86f8b87430b168dd
http://git.alpinelinux.org/aports/commit/?id=fdb75990b02bc777508a5a27ce0a01f817a98630
http://git.alpinelinux.org/aports/commit/?id=0e92484dd3ebdd8c9d7a7bc37c0c2e58a50d4f3a
http://git.alpinelinux.org/aports/commit/?id=a507c7f7a82e3b9b26ce174796a611ba6f29fd15


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
