22-Yrs-Old SQLite Bug Let Hackers Perform Code Execution & DOS Attack On Control Programs

Trail of Bits researcher Andreas Kellas recently disclosed a 22-Years-Old SQLite bug which has been tracked as “CVE-2022-35737.” The SQLite database library has been found to contain this vulnerability that has a high severity level.

In October 2000 several code changes were made which led to the occurrence of this high-severity vulnerability. Threat actors could exploit this flaw to crash and control programs if they succeeded in exploiting it.

While it has been confirmed that this severe SQLite Bug could be exploited on systems that are based on 64-bit architecture. However, the extent to which a program is exploitable depends on the way it is compiled.

Flaw Profile

  • CVE ID: CVE-2022-35737
  • CVSS score: 7.5
  • Severity: High
  • Current Description: SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.

Technical Analysis

Using this issue SQLite Bug, an attacker could execute arbitrary code on the affected system as a result of exploiting the vulnerability. SQLite’s printf functions require attackers to pass large strings as inputs and the format string contains %Q, %q, or %w substitutions.

According to the report, The following are the affected versions as well as the version that has been fixed:-

  • SQLite version 1.0.12 was affected by this flaw that was released on October 17, 2000.
  • In SQLite version 3.39.2 the flaw was fixed and this version was released on July 21, 2022.

This severe vulnerability has been discovered in the way the string formatting is handled by a function that is known as “sqlite3_str_vappendf” and this function is called by printf.

When a library is compiled without stack canaries, the possibility of running arbitrary code is confirmed. But, the presence of stack canaries implies the execution of arbitrary code, whereas DDoS is always confirmed in all cases.

The SQLite database engine was developed in C and is widely used today. The following operating systems and web browsers include it by default:-

OS:

  • Android
  • iOS
  • Windows
  • macOS

Web Browsers:

  • Google Chrome
  • Mozilla Firefox
  • Apple Safari

The SQLite printf function is not vulnerable to widespread attacks in all systems and applications that apply it. Besides being a very serious vulnerability, it is also an example of a scenario that was once considered to be unfeasible decades ago.

Managed DDoS Attack Protection for Applications – Download Free Guide

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across various sectors, including education, cryptocurrency, and…

17 hours ago

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two Chinese Advanced Persistent Threat (APT) groups…

18 hours ago

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft SharePoint Server, CVE-2023-24955. This vulnerability poses…

20 hours ago

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included in the Edge Bounty Program. The…

20 hours ago

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user devices into proxy nodes, potentially engaging…

22 hours ago

ZENHAMMER – First Rowhammer Attack Impacting Zen-based AMD Platforms

Despite AMD's growing market share with Zen CPUs, Rowhammer attacks were absent due to challenges in reverse engineering DRAM addressing,…

24 hours ago