In DBMS SQLite detected vulnerability CVE-2019-5018 that allows performing code in the system if it is possible to execute a SQL query, prepared by an attacker.
Problem arises from the SQLite 3.26 branch.
“SQLite implements the Window Functions feature of SQL, which allows queries over a subset, or “window,” of rows. This specific vulnerability lies in that “window” function”, — writes Cisco Talos expert Cory Duplantis.
Specially designed SQL-request SELECT can case turn to the already freed memory’s region (use-after-free) that can potentially be used for creation of exploit for code execution in the context of application that uses SQLite.
Vulnerability can be exploited in case if application allows transition of externally received SQL-constructions in SQLite.
The vulnerability is fixed in the SQLite 3.28 update without explicitly mentioning the correction of security problems.