SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. Reference and upstream commit: https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13
Created mingw-sqlite tracking bugs for this issue: Affects: epel-7 [bug 1785328] Affects: fedora-all [bug 1785329] Created sqlite tracking bugs for this issue: Affects: fedora-all [bug 1785327]
There's an issue with sqlite when using SELECT statments on tables or view which names are like shadow table's name. This issue makes the sqlite application to crash, causing Deny of Service. Availability impact is rated as high due to the crashing while there's no integrality or confidentialy impact as the attacker cannot alter data ou expose data via this flaw.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4396 https://access.redhat.com/errata/RHSA-2021:4396