CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
sqlitesqlite
𝑥
< 3.32.3
canonicalubuntu_linux
20.04
appleicloud
𝑥
< 7.21
appleipados
𝑥
< 14.0
appleiphone_os
𝑥
< 14.0
applemacos
𝑥
< 11.0.1
appletvos
𝑥
< 14.0
applewatchos
𝑥
< 7.0
oraclecommunications_cloud_native_core_policy
1.14.0
oraclecommunications_messaging_server
8.1
oraclecommunications_network_charging_and_control
6.0.1
oraclecommunications_network_charging_and_control
12.0.2
oracleenterprise_manager_ops_center
12.4.0.0
oraclehyperion_infrastructure_technology
11.1.2.4
oraclemysql
𝑥
≤ 8.0.22
oracleoutside_in_technology
8.5.4
oracleoutside_in_technology
8.5.5
siemenssinec_infrastructure_network_services
𝑥
< 1.0.1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
sqlite3
bookworm
3.40.1-2
fixed
bullseye
3.34.1-3
fixed
bullseye (security)
3.34.1-3+deb11u1
fixed
jessie
not-affected
sid
3.46.1-1
fixed
stretch
not-affected
trixie
3.46.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sqlite
bionic
not-affected
eoan
not-affected
focal
not-affected
trusty
not-affected
xenial
not-affected
sqlite3
bionic
not-affected
eoan
ignored
focal
Fixed 3.31.1-4ubuntu0.2
released
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libsqlite3-0
suse enterprise desktop 15 SP2
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP3
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP4
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP5
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP6
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP7
3.36.0-3.12.1
fixed
suse enterprise sap 12 SP3
3.36.0-9.18.1
fixed
suse enterprise sap 12 SP4
3.36.0-9.18.1
fixed
suse enterprise sap 15
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP1
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP2
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP3
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP4
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP5
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP6
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP7
3.36.0-3.12.1
fixed
suse enterprise server 12 SP2
3.36.0-9.18.1
fixed
suse enterprise server 12 SP3
3.36.0-9.18.1
fixed
suse enterprise server 12 SP4
3.36.0-9.18.1
fixed
suse enterprise server 12 SP5
3.36.0-9.18.1
fixed
suse enterprise server 15
3.36.0-3.12.1
fixed
suse enterprise server 15 SP1
3.36.0-3.12.1
fixed
suse enterprise server 15 SP2
3.36.0-3.12.1
fixed
suse enterprise server 15 SP3
3.36.0-3.12.1
fixed
suse enterprise server 15 SP4
3.36.0-3.12.1
fixed
suse enterprise server 15 SP5
3.36.0-3.12.1
fixed
suse enterprise server 15 SP6
3.36.0-3.12.1
fixed
suse enterprise server 15 SP7
3.36.0-3.12.1
fixed
libsqlite3-0-32bit
suse enterprise desktop 15 SP2
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP3
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP4
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP5
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP6
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP7
3.36.0-3.12.1
fixed
suse enterprise sap 12 SP3
3.36.0-9.18.1
fixed
suse enterprise sap 12 SP4
3.36.0-9.18.1
fixed
suse enterprise sap 15
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP1
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP2
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP3
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP4
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP5
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP6
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP7
3.36.0-3.12.1
fixed
suse enterprise server 12 SP2
3.36.0-9.18.1
fixed
suse enterprise server 12 SP3
3.36.0-9.18.1
fixed
suse enterprise server 12 SP4
3.36.0-9.18.1
fixed
suse enterprise server 12 SP5
3.36.0-9.18.1
fixed
suse enterprise server 15
3.36.0-3.12.1
fixed
suse enterprise server 15 SP1
3.36.0-3.12.1
fixed
suse enterprise server 15 SP2
3.36.0-3.12.1
fixed
suse enterprise server 15 SP3
3.36.0-3.12.1
fixed
suse enterprise server 15 SP4
3.36.0-3.12.1
fixed
suse enterprise server 15 SP5
3.36.0-3.12.1
fixed
suse enterprise server 15 SP6
3.36.0-3.12.1
fixed
suse enterprise server 15 SP7
3.36.0-3.12.1
fixed
sqlite3
suse enterprise desktop 15 SP2
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP3
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP4
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP5
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP6
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP7
3.36.0-3.12.1
fixed
suse enterprise sap 12 SP3
3.36.0-9.18.1
fixed
suse enterprise sap 12 SP4
3.36.0-9.18.1
fixed
suse enterprise sap 15
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP1
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP2
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP3
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP4
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP5
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP6
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP7
3.36.0-3.12.1
fixed
suse enterprise server 12 SP2
3.36.0-9.18.1
fixed
suse enterprise server 12 SP3
3.36.0-9.18.1
fixed
suse enterprise server 12 SP4
3.36.0-9.18.1
fixed
suse enterprise server 12 SP5
3.36.0-9.18.1
fixed
suse enterprise server 15
3.36.0-3.12.1
fixed
suse enterprise server 15 SP1
3.36.0-3.12.1
fixed
suse enterprise server 15 SP2
3.36.0-3.12.1
fixed
suse enterprise server 15 SP3
3.36.0-3.12.1
fixed
suse enterprise server 15 SP4
3.36.0-3.12.1
fixed
suse enterprise server 15 SP5
3.36.0-3.12.1
fixed
suse enterprise server 15 SP6
3.36.0-3.12.1
fixed
suse enterprise server 15 SP7
3.36.0-3.12.1
fixed
sqlite3-devel
suse enterprise desktop 15 SP2
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP3
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP4
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP5
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP6
3.36.0-3.12.1
fixed
suse enterprise desktop 15 SP7
3.36.0-3.12.1
fixed
suse enterprise sap 12 SP3
3.36.0-9.18.1
fixed
suse enterprise sap 12 SP4
3.36.0-9.18.1
fixed
suse enterprise sap 15
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP1
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP2
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP3
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP4
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP5
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP6
3.36.0-3.12.1
fixed
suse enterprise sap 15 SP7
3.36.0-3.12.1
fixed
suse enterprise server 12 SP2
3.36.0-9.18.1
fixed
suse enterprise server 12 SP3
3.36.0-9.18.1
fixed
suse enterprise server 12 SP4
3.36.0-9.18.1
fixed
suse enterprise server 12 SP5
3.36.0-9.18.1
fixed
suse enterprise server 15
3.36.0-3.12.1
fixed
suse enterprise server 15 SP1
3.36.0-3.12.1
fixed
suse enterprise server 15 SP2
3.36.0-3.12.1
fixed
suse enterprise server 15 SP3
3.36.0-3.12.1
fixed
suse enterprise server 15 SP4
3.36.0-3.12.1
fixed
suse enterprise server 15 SP5
3.36.0-3.12.1
fixed
suse enterprise server 15 SP6
3.36.0-3.12.1
fixed
suse enterprise server 15 SP7
3.36.0-3.12.1
fixed
sqlite3-tcl
suse enterprise desktop 15 SP5
3.39.3-150000.3.20.1
fixed
suse enterprise desktop 15 SP6
3.44.0-150000.3.23.1
fixed
suse enterprise desktop 15 SP7
3.44.0-150000.3.23.1
fixed
suse enterprise sap 15 SP5
3.39.3-150000.3.20.1
fixed
suse enterprise sap 15 SP6
3.44.0-150000.3.23.1
fixed
suse enterprise sap 15 SP7
3.44.0-150000.3.23.1
fixed
suse enterprise server 15 SP5
3.39.3-150000.3.20.1
fixed
suse enterprise server 15 SP6
3.44.0-150000.3.23.1
fixed
suse enterprise server 15 SP7
3.44.0-150000.3.23.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
lemon
RHEL 8
0:3.26.0-13.el8
fixed
sqlite
RHEL 8
0:3.26.0-13.el8
fixed
sqlite-devel
RHEL 8
0:3.26.0-13.el8
fixed
sqlite-doc
RHEL 8
0:3.26.0-13.el8
fixed
sqlite-libs
RHEL 8
0:3.26.0-13.el8
fixed
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Nov/19
http://seclists.org/fulldisclosure/2020/Nov/20
http://seclists.org/fulldisclosure/2020/Nov/22
http://seclists.org/fulldisclosure/2021/Feb/14
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://security.gentoo.org/glsa/202007-26
https://security.netapp.com/advisory/ntap-20200709-0001/
https://support.apple.com/kb/HT211843
https://support.apple.com/kb/HT211844
https://support.apple.com/kb/HT211847
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://usn.ubuntu.com/4438-1/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.sqlite.org/src/info/10fa79d00f8091e5
https://www.sqlite.org/src/timeline?p=version-3.32.3&bt=version-3.32.2
https://www.sqlite.org/src/tktview?name=8f157e8010
http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Nov/19
http://seclists.org/fulldisclosure/2020/Nov/20
http://seclists.org/fulldisclosure/2020/Nov/22
http://seclists.org/fulldisclosure/2021/Feb/14
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://security.gentoo.org/glsa/202007-26
https://security.netapp.com/advisory/ntap-20200709-0001/
https://support.apple.com/kb/HT211843
https://support.apple.com/kb/HT211844
https://support.apple.com/kb/HT211847
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://usn.ubuntu.com/4438-1/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.sqlite.org/src/info/10fa79d00f8091e5
https://www.sqlite.org/src/timeline?p=version-3.32.3&bt=version-3.32.2
https://www.sqlite.org/src/tktview?name=8f157e8010