2152844 – (CVE-2022-46908) CVE-2022-46908 sqlite: safe mode authorizer callback allows disallowed UDFs

Bug 2152844 (CVE-2022-46908) - CVE-2022-46908 sqlite: safe mode authorizer callback allows disallowed UDFs

Summary: CVE-2022-46908 sqlite: safe mode authorizer callback allows disallowed UDFs

Keywords:
Status:	NEW
Alias:	CVE-2022-46908
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2178899 2178900 2178901 2178902 2178903 2156692 2156693 2156694 2156695 2156696 2178898 2178904
Blocks:	2152826
TreeView+	depends on / blocked

Reported:	2022-12-13 09:16 UTC by TEJ RATHI
Modified:	2023-12-01 00:16 UTC (History)
CC List:	27 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the SQLite package. SQLite could allow a local attacker to bypass security restrictions caused by an issue when relying on --safe for the execution of an untrusted CLI script, potentially leading to arbitrary file read/write.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description TEJ RATHI 2022-12-13 09:16:11 UTC

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.

https://sqlite.org/src/info/cefc032473ac5ad2
https://sqlite.org/forum/forumpost/07beac8056151b2f
https://news.ycombinator.com/item?id=33948588

Comment 4 Avinash Hanwate 2023-03-16 05:28:47 UTC

Created mingw-sqlite tracking bugs for this issue:

Affects: fedora-all [bug 2178901]


Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-all [bug 2178899]
Affects: fedora-all [bug 2178902]


Created sqlite tracking bugs for this issue:

Affects: fedora-all [bug 2178898]


Created sqlite2 tracking bugs for this issue:

Affects: epel-all [bug 2178900]
Affects: fedora-all [bug 2178903]


Created tdlib tracking bugs for this issue:

Affects: fedora-all [bug 2178904]

Comment 6 Dhananjay Arunesh 2023-06-30 12:22:10 UTC

This CVE is present from SQLite 3.37.0 to SQLite 3.40.0[1]. RHEL 8 and 9 contain SQLite 3.26.0 and SQLite 3.34.1, respectively; therefore, RHEL is not affected.

[1]: https://nvd.nist.gov/vuln/detail/CVE-2022-46908

Note You need to log in before you can comment on or make changes to this bug.

aoconnor
bdettelb
caswilli
darunesh
databases-maint
dffrench
dkuc
fjansen
gzaronik
hbraun
jburrell
jkoehler
jwon
kaycoth
micjohns
mmuzila
mschorm
ngough
pkubat
praiskup
psegedy
rgodfrey
rh-spice-bugs
sthirugn
tcarlin
tmeszaro
zmiklank