A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 4.7 | Medium | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |
| Product | Vendor | Version |
|---|---|---|
| Red Hat Enterprise Linux 8 | Red Hat | SC8180X+SDX55 |
| Red Hat Enterprise Linux 8 | Red Hat | < publication |
| Red Hat Enterprise Linux 7 | Red Hat | n/a |
| Red Hat Enterprise Linux 8 | Red Hat | Android12/Android11 |
| Red Hat Enterprise Linux 9 | Red Hat | APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 |
| Red Hat Enterprise Linux 6 | Red Hat | 15.3(3)JF14 |
| Red Hat Enterprise Linux 7 | Red Hat | n/a |
| < publication | ||
| Red Hat Enterprise Linux 9 | Red Hat | 15.3(3)JF14i |
| Red Hat Enterprise Linux 6 | Red Hat | n/a |