FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sqlite -- integer overflow

Affected packages
sqlite3 < 3.49.1
linux-c7-sqlite < 3.49.1
linux_base-rl9 < 3.49.1

Details

VuXML ID b945ce3f-6f9b-11f0-bd96-b42e991fc52e
Discovery 2025-04-14
Entry 2025-08-02

cve-coordination@google.com reports:

An integer overflow can be triggered in SQLites `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.

[source]

References

CVE Name CVE-2025-3277
URL https://nvd.nist.gov/vuln/detail/CVE-2025-3277

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.