Ubuntu 20.04: Critical SQLite DoS Vulnerability USN-7679-1 CVE-2025-6965
ubuntu
July 30, 2025
Several security issues were fixed in SQLite.
Summary
Several security issues were fixed in SQLite.
Software Description:
- sqlite3: C library that implements an SQL database engine
Details:
It was discovered that SQLite incorrectly handled aggregate terms. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2025-6965)
It was discovered that SQLite incorrectly handled certain argument values
to sqlite3_db_config(). An attacker could use this issue to cause SQLite to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This update fixes the issue in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and
Ubuntu 18.04 LTS. This issue was previously fixed in Ubuntu 20.04 LTS via
USN-7528-1. (CVE-2025-29088)
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libsqlite3-0 3.31.1-4ubuntu0.7+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libsqlite3-0 3.22.0-1ubuntu0.7+esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libsqlite3-0 3.11.0-1ubuntu1.5+esm3
Available with Ubuntu Pro
Ubuntu 14.04 LTS
libsqlite3-0 3.8.2-1ubuntu2.2+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.References
https://ubuntu.com/security/notices/USN-7679-1
CVE-2025-29088, CVE-2025-6965
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-7679-1
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!