SUSE-SU-2026:22104-1
Vulnerability from csaf_suse - Published: 2026-06-15 09:22 - Updated: 2026-06-15 09:22Summary
Security update for sqlite3
Severity
Important
Notes
Title of the patch: Security update for sqlite3
Description of the patch: This update for sqlite3 fixes the following issues
Update to 3.53.2:
- CVE-2026-11822: memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause
process crashes, memory exhaustion, or arbitrary code execution (bsc#1268012).
- CVE-2026-11824: heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers
to cause a crash or execute arbitrary code (bsc#1268013).
Changes:
* Add the Query Result Formatter (QRF) library for formatting the
results of SQL queries for human readability on a fixed-pitch
font screen.
* Enhance ALTER TABLE to permit adding and removing NOT NULL and
CHECK constraints.
* The REINDEX EXPRESSIONS statement rebuilds expression indexes.
* The body of TEMP triggers may now modify and/or query tables
in the main schema.
* Enhance VACUUM INTO so that if a URI filename is used as the
target and that filename has a reserve=N query parameter with
N between 0 and 255, then the reserve amount for the generated
database copy is set to N.
* New SQL functions json_array_insert() and jsonb_array_insert().
* Renovations to the CLI.
* New C-language interfaces: sqlite3_str_truncate(),
sqlite3_str_free(), sqlite3_carray_bind_v2().
* Add the SQLITE_PREPARE_FROM_DDL option to sqlite3_prepare_v3().
* Added the SQLITE_UTF8_ZT constant which can be used as the
encoding parameter to sqlite3_result_text64() or
sqlite3_bind_text64() to indicate that the value is UTF-8
encoded and zero terminated.
* The SQLITE_LIMIT_PARSER_DEPTH option is added to
sqlite3_limit().
* The SQLITE_DBCONFIG_FP_DIGITS option is added to
sqlite3_db_config().
* Query planner improvements.
* Add new interfaces to the session extension that enable an
application to add changes one at a time to the
sqlite3_changegroup object.
* Improvements to floating-point <-> text conversions.
* Added the self-healing index feature to deal with the stale
expression index problem.
* Add the "-p|--port" option to sqlite3_rsync.
* Add the "opfs-wl" VFS, functionally identical to the "opfs" VFS
but using Web Locks for locking, which can promise fairer lock
sharing than the "opfs" bespoke protocol can. "opfs-wl"
requires Atomics.waitAsync(), so requires newer browsers than
"opfs" does.
* Fixes for problems in 3.53.0 and 3.53.1 reported by users.
* See the check-in timeline for details:
https://sqlite.org/src/timeline?from=version-3.53.0&to=version-3.53.2
Patchnames: SUSE-SLE-Micro-6.0-754
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for sqlite3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for sqlite3 fixes the following issues\n\nUpdate to 3.53.2:\n\n- CVE-2026-11822: memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause\n process crashes, memory exhaustion, or arbitrary code execution (bsc#1268012).\n- CVE-2026-11824: heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers\n to cause a crash or execute arbitrary code (bsc#1268013).\n\nChanges:\n\n * Add the Query Result Formatter (QRF) library for formatting the\n results of SQL queries for human readability on a fixed-pitch\n font screen.\n * Enhance ALTER TABLE to permit adding and removing NOT NULL and\n CHECK constraints.\n * The REINDEX EXPRESSIONS statement rebuilds expression indexes.\n * The body of TEMP triggers may now modify and/or query tables\n in the main schema.\n * Enhance VACUUM INTO so that if a URI filename is used as the\n target and that filename has a reserve=N query parameter with\n N between 0 and 255, then the reserve amount for the generated\n database copy is set to N.\n * New SQL functions json_array_insert() and jsonb_array_insert().\n * Renovations to the CLI.\n * New C-language interfaces: sqlite3_str_truncate(),\n sqlite3_str_free(), sqlite3_carray_bind_v2().\n * Add the SQLITE_PREPARE_FROM_DDL option to sqlite3_prepare_v3().\n * Added the SQLITE_UTF8_ZT constant which can be used as the\n encoding parameter to sqlite3_result_text64() or\n sqlite3_bind_text64() to indicate that the value is UTF-8\n encoded and zero terminated.\n * The SQLITE_LIMIT_PARSER_DEPTH option is added to\n sqlite3_limit().\n * The SQLITE_DBCONFIG_FP_DIGITS option is added to\n sqlite3_db_config().\n * Query planner improvements.\n * Add new interfaces to the session extension that enable an\n application to add changes one at a time to the\n sqlite3_changegroup object.\n * Improvements to floating-point \u003c-\u003e text conversions.\n * Added the self-healing index feature to deal with the stale\n expression index problem.\n * Add the \"-p|--port\" option to sqlite3_rsync.\n * Add the \"opfs-wl\" VFS, functionally identical to the \"opfs\" VFS\n but using Web Locks for locking, which can promise fairer lock\n sharing than the \"opfs\" bespoke protocol can. \"opfs-wl\"\n requires Atomics.waitAsync(), so requires newer browsers than\n \"opfs\" does.\n * Fixes for problems in 3.53.0 and 3.53.1 reported by users.\n * See the check-in timeline for details:\n https://sqlite.org/src/timeline?from=version-3.53.0\u0026to=version-3.53.2\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-754",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22104-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22104-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622104-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22104-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026786.html"
},
{
"category": "self",
"summary": "SUSE Bug 1268012",
"url": "https://bugzilla.suse.com/1268012"
},
{
"category": "self",
"summary": "SUSE Bug 1268013",
"url": "https://bugzilla.suse.com/1268013"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-11822 page",
"url": "https://www.suse.com/security/cve/CVE-2026-11822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-11824 page",
"url": "https://www.suse.com/security/cve/CVE-2026-11824/"
}
],
"title": "Security update for sqlite3",
"tracking": {
"current_release_date": "2026-06-15T09:22:55Z",
"generator": {
"date": "2026-06-15T09:22:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22104-1",
"initial_release_date": "2026-06-15T09:22:55Z",
"revision_history": [
{
"date": "2026-06-15T09:22:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsqlite3-0-3.53.2-1.1.aarch64",
"product": {
"name": "libsqlite3-0-3.53.2-1.1.aarch64",
"product_id": "libsqlite3-0-3.53.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsqlite3-0-3.53.2-1.1.s390x",
"product": {
"name": "libsqlite3-0-3.53.2-1.1.s390x",
"product_id": "libsqlite3-0-3.53.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsqlite3-0-3.53.2-1.1.x86_64",
"product": {
"name": "libsqlite3-0-3.53.2-1.1.x86_64",
"product_id": "libsqlite3-0-3.53.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsqlite3-0-3.53.2-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64"
},
"product_reference": "libsqlite3-0-3.53.2-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsqlite3-0-3.53.2-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x"
},
"product_reference": "libsqlite3-0-3.53.2-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsqlite3-0-3.53.2-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64"
},
"product_reference": "libsqlite3-0-3.53.2-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-11822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-11822"
}
],
"notes": [
{
"category": "general",
"text": "SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bounds read in fts5LeafSeek() via an attacker-controlled loop bound and a heap buffer overflow write in fts5ChunkIterate() through a crafted continuation page causing an integer underflow, exploitable when an FTS5 MATCH query is executed against the malicious database.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-11822",
"url": "https://www.suse.com/security/cve/CVE-2026-11822"
},
{
"category": "external",
"summary": "SUSE Bug 1268012 for CVE-2026-11822",
"url": "https://bugzilla.suse.com/1268012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T09:22:55Z",
"details": "important"
}
],
"title": "CVE-2026-11822"
},
{
"cve": "CVE-2026-11824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-11824"
}
],
"notes": [
{
"category": "general",
"text": "SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4. Attackers can trigger an integer underflow in fts5ChunkIterate() causing an inflated remaining byte count during FTS5 MATCH query processing, leading to a heap buffer overflow of attacker-controlled data in applications compiled with SQLITE_ENABLE_FTS5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-11824",
"url": "https://www.suse.com/security/cve/CVE-2026-11824"
},
{
"category": "external",
"summary": "SUSE Bug 1268013 for CVE-2026-11824",
"url": "https://bugzilla.suse.com/1268013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.aarch64",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.s390x",
"SUSE Linux Micro 6.0:libsqlite3-0-3.53.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T09:22:55Z",
"details": "important"
}
],
"title": "CVE-2026-11824"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…