FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sqlite -- integer overflow

Affected packages
sqlite < 3.49.1

Details

VuXML ID 409206f6-25e6-11f0-9360-b42e991fc52e
Discovery 2025-04-07
Entry 2025-04-30

cve@mitre.org reports:

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

[source]

References

CVE Name CVE-2025-29087
URL https://nvd.nist.gov/vuln/detail/CVE-2025-29087

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.