USN-4019-1: SQLite vulnerabilities
First published: Wed Jun 19 2019(Updated: )
It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-2518, CVE-2017-2520) It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20505) It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20346, CVE-2018-20506) It was discovered that SQLite incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information. (CVE-2019-8457) It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2019-9936) It was discovered that SQLite incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2019-9937) It was discovered that SQLite incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-6153) It was discovered that SQLite incorrectly handled certain databases. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-10989) It was discovered that SQLite incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-13685) It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-2519)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libsqlite3-0 | <3.27.2-2ubuntu0.1 | 3.27.2-2ubuntu0.1 |
| =19.04 | ||
| All of | ||
| ubuntu/sqlite3 | <3.27.2-2ubuntu0.1 | 3.27.2-2ubuntu0.1 |
| =19.04 | ||
| All of | ||
| ubuntu/libsqlite3-0 | <3.24.0-1ubuntu0.1 | 3.24.0-1ubuntu0.1 |
| =18.10 | ||
| All of | ||
| ubuntu/sqlite3 | <3.24.0-1ubuntu0.1 | 3.24.0-1ubuntu0.1 |
| =18.10 | ||
| All of | ||
| ubuntu/libsqlite3-0 | <3.22.0-1ubuntu0.1 | 3.22.0-1ubuntu0.1 |
| =18.04 | ||
| All of | ||
| ubuntu/sqlite3 | <3.22.0-1ubuntu0.1 | 3.22.0-1ubuntu0.1 |
| =18.04 | ||
| All of | ||
| ubuntu/libsqlite3-0 | <3.11.0-1ubuntu1.2 | 3.11.0-1ubuntu1.2 |
| =16.04 | ||
| All of | ||
| ubuntu/sqlite3 | <3.11.0-1ubuntu1.2 | 3.11.0-1ubuntu1.2 |
| =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2016-6153
- https://ubuntu.com/security/CVE-2017-10989
- https://ubuntu.com/security/CVE-2017-13685
- https://ubuntu.com/security/CVE-2017-2518
- https://ubuntu.com/security/CVE-2017-2519
- https://ubuntu.com/security/CVE-2017-2520
- https://ubuntu.com/security/CVE-2018-20346
- https://ubuntu.com/security/CVE-2018-20505
- https://ubuntu.com/security/CVE-2018-20506
- https://ubuntu.com/security/CVE-2019-8457
- https://ubuntu.com/security/CVE-2019-9936
- https://ubuntu.com/security/CVE-2019-9937
- https://ubuntu.com/security/notices/USN-4019-2
- https://ubuntu.com/security/notices/USN-4004-2
- https://ubuntu.com/security/notices/USN-4004-1
- https://launchpad.net/ubuntu/+source/sqlite3/3.27.2-2ubuntu0.1
- https://launchpad.net/ubuntu/+source/sqlite3/3.24.0-1ubuntu0.1
- https://launchpad.net/ubuntu/+source/sqlite3/3.22.0-1ubuntu0.1
- https://launchpad.net/ubuntu/+source/sqlite3/3.11.0-1ubuntu1.2
- https://ubuntu.com/security/notices/USN-4019-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-4019-1?
The severity of USN-4019-1 is high.
How does USN-4019-1 affect Ubuntu versions 19.04?
USN-4019-1 does not affect Ubuntu version 19.04.
How can I fix USN-4019-1 on Ubuntu 18.04?
To fix USN-4019-1 on Ubuntu 18.04, update the 'libsqlite3-0' package to version '3.22.0-1ubuntu0.1' or later.
What is the remedy for USN-4019-1 on Ubuntu 16.04?
The remedy for USN-4019-1 on Ubuntu 16.04 is to update the 'libsqlite3-0' package to version '3.11.0-1ubuntu1.2' or later.
Where can I find more information about USN-4019-1?
You can find more information about USN-4019-1 on the Ubuntu Security Notices website.
- agent/severity
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/title
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/usn
- source/Ubuntu
- anchor-related/USN-4019-2
- anchor-related/USN-4004-2
- anchor-related/USN-4004-1
- agent/software-canonical-lookup
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/19.04
- version/ubuntu ubuntu/18.10
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04