Astra Linux – Vulnerability in SQLite3

SQLite 3.32.2 has a use-after-free issue in the resetAccumulator function in select.c, as the re-write of the parse tree for window functions occurs too late...

The vulnerability in the implementation of the resetAccumulator() function of the SQLite database management system allows a hacker to cause a service failure.

The vulnerability of the implementation of the resetAccumulator function in the SQLite database management system’s select.c module is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the `resetAccumulator` function in the `src/select.c` file of the SQLite database management system allows a hacker to cause a service failure.

The vulnerability of the resetAccumulator function in the src/select.c file of the SQLite database management system is related to a lack of mechanisms for checking input data. Exploiting this vulnerability allows an attacker who operates remotely to cause service failures...

PT-2020-5472 · Sqlite +5 · Sqlite +5

Name of the Vulnerable Software and Affected Versions: SQLite versions through 3.31.1 Description: The issue allows attackers to cause a denial of service, resulting in a segmentation fault, via a malformed window-function query. This is due to the mishandling of the AggInfo object's...