Control: tags -1 +moreinfo

On Fri, Feb 18, 2022 at 3:18 PM Neil Williams <codeh...@debian.org> wrote:
> CVE-2021-45346[0]:
> | A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and
> | 3.37.0 via maliciously crafted SQL Queries (made via editing the
> | Database File), it is possible to query a record, and leak subsequent
> | bytes of memory that extend beyond the record, which could let a
> | malicious user obtain sensitive information.

Please explain how this is a security issue? To exploit this you need
read _and_ write access to the database file, then knowledge of its
binary format for changing it to your needs. Last but not least, you
need to fool an application to execute your arbitrary SQL statements
to leak information.

If you have shell access to the database, you already can issue any
'SELECT' and get all its information. For this, read access to the
database file is enough, _no need_ for write access and altering its
binary format. Furthermore, if you can read the database file, you can
copy that as well to wherever you want. Why would you waste time
and effort to alter the database file and possibly cause database
corruption?

I just don't get the point of this CVE.

Regards,
Laszlo/GCS
