Wind River Support Network

HomeDefectsLIN1019-3602

Fixed

LIN1019-3602 : Security Advisory - sqlite3 - CVE-2019-19244

Created: Nov 26, 2019 Updated: Dec 15, 2019

Resolved Date: Dec 12, 2019

Found In Version: 10.19.45.1

Fix Version: 10.19.45.2

Severity: Standard

Applicable for: Wind River Linux LTS 19

Component/s: Userspace

Description

sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.

CREATE(Triage):(User=admin) [CVE-2019-19244|https://nvd.nist.gov/vuln/detail/CVE-2019-19244]

CVEs

CVE-2019-19244