[CLSA-2026:1777311496] sqlite: Fix of 3 CVEs
Type:
security
Severity:
Critical
Release date:
2026-04-27 20:38:34 UTC
Description:
- CVE-2018-8740: NULL pointer dereference in sqlite3EndTable() when the sqlite_master schema is corrupted with a CREATE TABLE AS entry - CVE-2018-20346: integer overflow in the FTS3 segment reader path (fts3ScanInteriorNode, fts3SegReaderNext) on crafted shadow table data - CVE-2018-20506: heap corruption in the FTS3 merge path (nodeReaderNext) triggered by a crafted FTS3 shadow table
Updated packages:
  • lemon-3.7.17-8.amzn2.1.3.tuxcare.els2.x86_64.rpm
    sha:60253cd6a2848f261c9d6fa326e47b7aba07e9d934481df1c36eda6d901178eb
  • sqlite-3.7.17-8.amzn2.1.3.tuxcare.els2.i686.rpm
    sha:b4ef5f88c49af8b4257643a1873fadbb3aa00c775eb03ba20286a18b02d40e7d
  • sqlite-3.7.17-8.amzn2.1.3.tuxcare.els2.x86_64.rpm
    sha:c1e3bd82a6c72fdcdb8f9faa55d84210b75c76dce04e548560ef93ce023218e0
  • sqlite-devel-3.7.17-8.amzn2.1.3.tuxcare.els2.x86_64.rpm
    sha:3e80d9e289ca4bf335f752908b0e33e47379373e1f9cb6f212693085756dfee7
  • sqlite-doc-3.7.17-8.amzn2.1.3.tuxcare.els2.noarch.rpm
    sha:cf3c74732907f76b3a48cf8413fceb1793da7531858cdfc0daf0d873b51a35a6
  • sqlite-tcl-3.7.17-8.amzn2.1.3.tuxcare.els2.x86_64.rpm
    sha:0f6180a2d06e78c79d1bef3bd6a0d8cde02448c2a56082532d285a88a6c92236
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.