Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Ubuntu 20.10 USN-4732-1 Moderate: sqlite3 Denial Of Service Threat

ubuntu
Calendar Grey February 11, 2021
Dist Ubuntu Esm H88
A weakness in SQLite on Ubuntu may lead to system instability or unauthorized code execution while handling specially designed requests.
SQLite could be made to crash or run programs if it processed a specially crafted query.

Summary

SQLite could be made to crash or run programs if it processed a specially

crafted query.

Software Description:

- sqlite3: C library that implements an SQL database engine

Details:

It was discovered that SQLite incorrectly handled certain sub-queries. An

attacker could use this issue to cause SQLite to crash, resulting in a

denial of service, or possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  libsqlite3-0                    3.33.0-1ubuntu0.1
  sqlite3                         3.33.0-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4732-1

CVE-2021-20227

February 11, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.