Mageia 9 Security Advisory: MGASA-2024-0073 Critical SQLite3 Heap Overflow
mageia
March 20, 2024
The updated packages fix security vulnerabilities: Heap buffer overflow in sqlite
Summary
The updated packages fix security vulnerabilities:
Heap buffer overflow in sqlite. (CVE-2023-2137)
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified
as critical. This issue affects the function sessionReadRecord of the
file ext/session/sqlite3session.c of the component make alltest Handler.
The manipulation leads to heap-based buffer overflow. (CVE-2023-7104)
References
- https://bugs.mageia.org/show_bug.cgi?id=31868
- https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html
- https://ubuntu.com/security/notices/USN-6566-1
- https://www.cve.org/CVERecord?id=CVE-2023-2137
- https://www.cve.org/CVERecord?id=CVE-2023-7104
Topics Covered
Resolution
SRPMS
- 9/core/sqlite3-3.40.1-1.1.mga9
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 20 Mar 2024
URL: https://advisories.mageia.org/MGASA-2024-0073.html
Type: security
CVE: CVE-2023-2137,
CVE-2023-7104
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!