Bug 1781980 (CVE-2019-13734) - CVE-2019-13734 sqlite: fts3: improve shadow table corruption detection
Summary: CVE-2019-13734 sqlite: fts3: improve shadow table corruption detection
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-13734
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1782011 1782012 1782013 1786505 1786506 1786507 1786508 1786509 1786511 1786512 1786513 1825903
Blocks: 1784418
TreeView+ depends on / blocked
 
Reported: 2019-12-11 01:00 UTC by Pedro Sampaio
Modified: 2021-02-16 20:54 UTC (History)
16 users (show)

Fixed In Version: chromium-browser 79.0.3945.79, sqlite 3.31.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-12-16 14:09:53 UTC

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2020:0244 0 None None None 2020-01-27 18:11:46 UTC
Red Hat Product Errata RHBA-2020:0245 0 None None None 2020-01-27 19:41:56 UTC
Red Hat Product Errata RHBA-2020:0248 0 None None None 2020-01-27 20:55:34 UTC
Red Hat Product Errata RHBA-2020:0249 0 None None None 2020-01-27 21:00:14 UTC
Red Hat Product Errata RHBA-2020:0252 0 None None None 2020-01-27 21:58:46 UTC
Red Hat Product Errata RHBA-2020:0253 0 None None None 2020-01-27 21:53:58 UTC
Red Hat Product Errata RHBA-2020:0254 0 None None None 2020-01-28 00:37:47 UTC
Red Hat Product Errata RHBA-2020:0261 0 None None None 2020-01-28 13:29:11 UTC
Red Hat Product Errata RHBA-2020:0265 0 None None None 2020-01-28 16:28:46 UTC
Red Hat Product Errata RHBA-2020:0272 0 None None None 2020-01-29 08:20:21 UTC
Red Hat Product Errata RHBA-2020:0284 0 None None None 2020-01-29 16:17:31 UTC
Red Hat Product Errata RHBA-2020:0285 0 None None None 2020-01-29 16:13:28 UTC
Red Hat Product Errata RHBA-2020:0286 0 None None None 2020-01-29 17:50:21 UTC
Red Hat Product Errata RHBA-2020:0287 0 None None None 2020-01-29 19:15:29 UTC
Red Hat Product Errata RHBA-2020:0300 0 None None None 2020-01-30 10:56:39 UTC
Red Hat Product Errata RHBA-2020:0301 0 None None None 2020-01-30 11:02:46 UTC
Red Hat Product Errata RHBA-2020:0302 0 None None None 2020-01-30 15:42:09 UTC
Red Hat Product Errata RHBA-2020:0303 0 None None None 2020-01-30 15:39:59 UTC
Red Hat Product Errata RHBA-2020:0305 0 None None None 2020-01-30 15:46:10 UTC
Red Hat Product Errata RHBA-2020:0308 0 None None None 2020-01-30 16:24:15 UTC
Red Hat Product Errata RHBA-2020:0314 0 None None None 2020-02-03 01:30:09 UTC
Red Hat Product Errata RHBA-2020:0324 0 None None None 2020-02-03 23:49:10 UTC
Red Hat Product Errata RHBA-2020:0326 0 None None None 2020-02-04 08:54:36 UTC
Red Hat Product Errata RHBA-2020:0327 0 None None None 2020-02-04 08:42:03 UTC
Red Hat Product Errata RHBA-2020:0432 0 None None None 2020-02-05 14:15:27 UTC
Red Hat Product Errata RHBA-2020:0433 0 None None None 2020-02-05 14:40:02 UTC
Red Hat Product Errata RHBA-2020:0434 0 None None None 2020-02-05 14:30:08 UTC
Red Hat Product Errata RHBA-2020:0435 0 None None None 2020-02-05 14:36:29 UTC
Red Hat Product Errata RHBA-2020:0436 0 None None None 2020-02-05 16:22:30 UTC
Red Hat Product Errata RHBA-2020:0437 0 None None None 2020-02-05 15:21:53 UTC
Red Hat Product Errata RHBA-2020:0456 0 None None None 2020-02-10 08:57:16 UTC
Red Hat Product Errata RHBA-2020:0472 0 None None None 2020-02-11 10:31:54 UTC
Red Hat Product Errata RHBA-2020:0506 0 None None None 2020-02-13 16:24:05 UTC
Red Hat Product Errata RHBA-2020:0531 0 None None None 2020-02-18 08:31:39 UTC
Red Hat Product Errata RHBA-2020:0539 0 None None None 2020-02-18 12:57:54 UTC
Red Hat Product Errata RHBA-2020:0548 0 None None None 2020-02-18 18:40:14 UTC
Red Hat Product Errata RHBA-2020:0549 0 None None None 2020-02-18 18:59:01 UTC
Red Hat Product Errata RHBA-2020:0607 0 None None None 2020-02-26 07:43:36 UTC
Red Hat Product Errata RHBA-2020:0627 0 None None None 2020-02-27 12:10:07 UTC
Red Hat Product Errata RHBA-2020:0640 0 None None None 2020-02-27 20:05:36 UTC
Red Hat Product Errata RHBA-2020:0701 0 None None None 2020-03-04 16:50:33 UTC
Red Hat Product Errata RHSA-2019:4238 0 None None None 2019-12-16 09:08:24 UTC
Red Hat Product Errata RHSA-2020:0227 0 None None None 2020-01-27 09:14:01 UTC
Red Hat Product Errata RHSA-2020:0229 0 None None None 2020-01-27 09:01:40 UTC
Red Hat Product Errata RHSA-2020:0273 0 None None None 2020-01-29 09:58:58 UTC
Red Hat Product Errata RHSA-2020:2014 0 None None None 2020-05-05 09:39:52 UTC

Description Pedro Sampaio 2019-12-11 01:00:03 UTC 
An out of bounds write flaw was found in the SQLite component of the Chromium browser.

Upstream bug(s):

https://code.google.com/p/chromium/issues/detail?id=1025466

External References:

https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Comment 1 Pedro Sampaio 2019-12-11 01:19:25 UTC 
Created chromium tracking bugs for this issue:

Affects: epel-7 [bug 1782013]
Affects: fedora-all [bug 1782012]
Comment 3 errata-xmlrpc 2019-12-16 09:08:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2019:4238 https://access.redhat.com/errata/RHSA-2019:4238
Comment 4 Product Security DevOps Team 2019-12-16 14:09:53 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-13734
Comment 5 Tomas Hoger 2019-12-17 13:22:17 UTC 
While the chromium bug is not public yet, its id leads us to this:

https://chromium.googlesource.com/chromium/src/third_party/sqlite/+/47bd97d715260127c995d92dde8dd8adb669b6b3
https://chromium.googlesource.com/chromium/src/third_party/sqlite/+/47bd97d715260127c995d92dde8dd8adb669b6b3/patches/0003-Shadow-Table-Corruption-Detection-improvements-in-ft.patch

which further leads us to upstream commit:

https://www.sqlite.org/src/info/51525f9c3235967b
https://github.com/sqlite/sqlite/commit/c72f2fb7feff582444b8ffdc6c900c69847ce8a9

There is no released sqlite version with the fix yet.
Comment 9 Huzaifa S. Sidhpurwala 2019-12-26 04:17:11 UTC 
Created mingw-sqlite tracking bugs for this issue:

Affects: epel-all [bug 1786513]
Affects: fedora-all [bug 1786512]


Created sqlite tracking bugs for this issue:

Affects: fedora-all [bug 1786511]
Comment 10 errata-xmlrpc 2020-01-27 09:01:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:0229 https://access.redhat.com/errata/RHSA-2020:0229
Comment 11 errata-xmlrpc 2020-01-27 09:13:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:0227 https://access.redhat.com/errata/RHSA-2020:0227
Comment 12 errata-xmlrpc 2020-01-29 09:58:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:0273 https://access.redhat.com/errata/RHSA-2020:0273
Comment 41 errata-xmlrpc 2020-05-05 09:39:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Extended Update Support

Via RHSA-2020:2014 https://access.redhat.com/errata/RHSA-2020:2014
Note You need to log in before you can comment on or make changes to this bug.