FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

SQLite -- application crash

Affected packages
sqlite3 < 3.49.1
linux_base-rl9-9.6 < 9.6
linux-c7-sqlite < 3.7.17_2

Details

VuXML ID 6989312e-8366-11f0-9bc6-b42e991fc52e
Discovery 2025-04-10
Entry 2025-08-27

cve@mitre.org reports:

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.

[source]

References

CVE Name CVE-2025-29088
URL https://nvd.nist.gov/vuln/detail/CVE-2025-29088

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.