Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-3416

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.

Related bugs and status

CVE-2015-3416 (Candidate) is related to these bugs:

Bug #1448758: memory corruption/crash in 64bit version of 3.8.2

		In	Importance	Status
1448758	memory corruption/crash in 64bit version of 3.8.2	sqlite3 (Ubuntu)	Undecided	Fix Released
1448758	memory corruption/crash in 64bit version of 3.8.2	sqlite3 (Ubuntu Utopic)	Undecided	Fix Released
1448758	memory corruption/crash in 64bit version of 3.8.2	sqlite3 (Ubuntu Trusty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20150414 several issue...
CONFIRM: http://www.sqlite.org/...
DEBIAN: DSA-3252
MANDRIVA: MDVSA-2015:217
UBUNTU: USN-2698-1
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2015-09-21-1
APPLE: APPLE-SA-2015-09-30-3
CONFIRM: http://www.oracle.com/...
SECTRACK: 1033703
GENTOO: GLSA-201507-05
REDHAT: RHSA-2015:1634
REDHAT: RHSA-2015:1635
BID: 74228
CONFIRM: http://www.oracle.com/...