Wind River Support Network

HomeDefectsLIN10-6882

Fixed

LIN10-6882 : Security Advisory - sqlite3 - CVE-2019-19924

Created: Dec 25, 2019 Updated: Feb 13, 2020

Resolved Date: Jan 21, 2020

Found In Version: 10.17.41.1

Fix Version: 10.17.41.20

Severity: Standard

Applicable for: Wind River Linux LTS 17

Component/s: Userspace

Description

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

CREATE(Triage):(User=admin) [CVE-2019-19924|https://nvd.nist.gov/vuln/detail/CVE-2019-19924]

CVEs

CVE-2019-19924