CVE-2017-13685

Published: 29 August 2017

The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.

Priority

Negligible

CVSS 3 base score: 5.5

Status

Package Release Status
sqlite3
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(3.22.0-1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (3.11.0-1ubuntu1.2)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (3.8.2-1ubuntu2.2+esm1)
Patches:
Upstream: https://www.sqlite.org/src/info/2348045fbc3fc99e