SUSE-SU-2019:1522-1

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2017-10989 CVE-2018-8740 CVE-2019-8457

Published: 17 Jun 2019, 15:28

Last modified:04 Feb 2026, 03:03

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

17 Jun 2019, 15:28

Published

Vulnerability first disclosed

04 Feb 2026, 03:03

Last Modified

Vulnerability information updated

Description

Security update for sqlite3 This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode() when handling invalid rtree tables (bsc#1136976). - CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas (bsc#1085790). - CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize() (bsc#1132045).

Affected Systems

suse•sqlite3&distro=SUSE Linux Enterprise Server 12-LTSS
< 3.8.3.1-2.12.1

References (7)

https://www.suse.com/support/update/announcement/2019/suse-su-20191522-1/
https://bugzilla.suse.com/1085790
https://bugzilla.suse.com/1132045
https://bugzilla.suse.com/1136976
https://www.suse.com/security/cve/CVE-2017-10989
https://www.suse.com/security/cve/CVE-2018-8740
https://www.suse.com/security/cve/CVE-2019-8457