In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. Reference and upstream commit: https://www.sqlite.org/src/info/d09f8c3621d5f7f8 https://www3.sqlite.org/cgi/src/info/b64674919f673602
Created mingw-sqlite tracking bugs for this issue: Affects: fedora-all [bug 1824187] Created sqlite2 tracking bugs for this issue: Affects: epel-all [bug 1824186] Affects: fedora-all [bug 1824188] Created sqlite3 tracking bugs for this issue: Affects: fedora-all [bug 1824189]
Statement: As per the upstream bug at https://www.sqlite.org/src/info/4722bdab08cb1 the flaw is in the error checking routine which is triggered only in debug builds. In release builds this is a no-op and therefore release builds are non-vulnerable. Red Hat packages are not vulnerable to this flaw (because we dont ship debug builds)
Created sqlite tracking bugs for this issue: Affects: fedora-all [bug 1840138]