CVE-2022-35737
sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API
Severity Score
Exploit Likelihood
Affected Versions
5Public Exploits
3Exploited in Wild
-Decision
Descriptions
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
SQLite versiones 1.0.12 hasta 3.39.x anteriores a 3.39.2, permite a veces un desbordamiento de lĂmites de matriz si son usados miles de millones de bytes en un argumento de cadena para una API de C
An array-bounds overflow vulnerability was discovered in SQLite. The vulnerability occurs when handling an overly large input passed as a string argument to some of the C-language APIs provided by SQLite. This flaw allows a remote attacker to pass specially crafted large input to the application and perform a denial of service (DoS) attack.
Juraj Somorovsky, Marcel Maehren, Nurullah Erinola, and Robert Merget discovered that the DTLS implementation in the JSSE subsystem of OpenJDK did not properly restrict handshake initiation requests from clients. A remote attacker could possibly use this to cause a denial of service. Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not properly validate the origin of a Soundbank. An attacker could use this to specially craft an untrusted Java application or applet that could load a Soundbank from an attacker controlled remote URL.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-07-13 CVE Reserved
- 2022-08-03 CVE Published
- 2023-03-09 First Exploit
- 2024-08-03 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-129: Improper Validation of Array Index
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://kb.cert.org/vuls/id/720344 | Broken Link |
|
| https://security.netapp.com/advisory/ntap-... | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/202210-40 | 2024-03-27 | |
| https://sqlite.org/releaselog/3_39_2.html | 2024-03-27 | |
| https://www.sqlite.org/cves.html | 2024-03-27 | |
| https://access.redhat.com/security/cve/CVE-2022-35737 | 2024-01-25 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2110291 | 2024-01-25 |