CVE-2018-20346

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

• CWE-190

• http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.htmlMailing List, Third Party Advisory
• http://www.securityfocus.com/bid/106323Third Party Advisory, VDB Entry
• https://access.redhat.com/articles/3758321Third Party Advisory
• https://blade.tencent.com/magellan/index_en.htmlThird Party Advisory
• https://bugzilla.redhat.com/show_bug.cgi?id=1659379Issue Tracking, Third Party Advisory
• https://bugzilla.redhat.com/show_bug.cgi?id=1659677Issue Tracking, Third Party Advisory
• https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.htmlThird Party Advisory
• https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786eThird Party Advisory
• https://crbug.com/900910Permissions Required, Third Party Advisory
• https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.htmlExploit, Third Party Advisory
• https://kc.mcafee.com/corporate/index?page=content&id=SB10365
• https://lists.debian.org/debian-lts-announce/2018/12/msg00012.htmlMailing List, Third Party Advisory
• https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/
• https://news.ycombinator.com/item?id=18685296Third Party Advisory
• https://security.gentoo.org/glsa/201904-21Third Party Advisory
• https://sqlite.org/src/info/940f2adc8541a838Patch, Third Party Advisory
• https://sqlite.org/src/info/d44318f59044162ePatch, Third Party Advisory
• https://support.apple.com/HT209443
• https://support.apple.com/HT209446
• https://support.apple.com/HT209447
• https://support.apple.com/HT209448
• https://support.apple.com/HT209450
• https://support.apple.com/HT209451
• https://usn.ubuntu.com/4019-1/
• https://usn.ubuntu.com/4019-2/
• https://worthdoingbadly.com/sqlitebug/Exploit, Third Party Advisory
• https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.ascThird Party Advisory
• https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html
• https://www.oracle.com/security-alerts/cpuapr2020.html
• https://www.sqlite.org/releaselog/3_25_3.htmlRelease Notes, Vendor Advisory
• https://www.synology.com/security/advisory/Synology_SA_18_61Third Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.htmlMailing List, Third Party Advisory
• http://www.securityfocus.com/bid/106323Third Party Advisory, VDB Entry
• https://access.redhat.com/articles/3758321Third Party Advisory
• https://blade.tencent.com/magellan/index_en.htmlThird Party Advisory
• https://bugzilla.redhat.com/show_bug.cgi?id=1659379Issue Tracking, Third Party Advisory
• https://bugzilla.redhat.com/show_bug.cgi?id=1659677Issue Tracking, Third Party Advisory
• https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.htmlThird Party Advisory
• https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786eThird Party Advisory
• https://crbug.com/900910Permissions Required, Third Party Advisory
• https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.htmlExploit, Third Party Advisory
• https://kc.mcafee.com/corporate/index?page=content&id=SB10365
• https://lists.debian.org/debian-lts-announce/2018/12/msg00012.htmlMailing List, Third Party Advisory
• https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/
• https://news.ycombinator.com/item?id=18685296Third Party Advisory
• https://security.gentoo.org/glsa/201904-21Third Party Advisory
• https://sqlite.org/src/info/940f2adc8541a838Patch, Third Party Advisory
• https://sqlite.org/src/info/d44318f59044162ePatch, Third Party Advisory
• https://support.apple.com/HT209443
• https://support.apple.com/HT209446
• https://support.apple.com/HT209447
• https://support.apple.com/HT209448
• https://support.apple.com/HT209450
• https://support.apple.com/HT209451
• https://usn.ubuntu.com/4019-1/
• https://usn.ubuntu.com/4019-2/
• https://worthdoingbadly.com/sqlitebug/Exploit, Third Party Advisory
• https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.ascThird Party Advisory
• https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html
• https://www.oracle.com/security-alerts/cpuapr2020.html
• https://www.sqlite.org/releaselog/3_25_3.htmlRelease Notes, Vendor Advisory
• https://www.synology.com/security/advisory/Synology_SA_18_61Third Party Advisory

Published

Dec 21, 2018

Last Modified

Jun 17, 2026

Status

Modified