FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

SQLite -- CWE-190 Integer Overflow or Wraparound

Affected packages
sqlite3 < 3.50.3,1
linux_base-rl9-9.6 <= 9.6_1
linux-c7-sqlite < 3.50.3

Details

VuXML ID c5889223-b4e1-11f0-ae9b-b42e991fc52e
Discovery 2025-09-08
Entry 2025-10-29

https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g reports:

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.

[source]

References

CVE Name CVE-2025-7709
URL https://cveawg.mitre.org/api/cve/CVE-2025-7709

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.