CVE-2020-13435

SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.

Weakness

The product dereferences a pointer that it expects to be valid but is NULL.

Affected Software

Name	Vendor	Start Version	End Version
Sqlite	Sqlite	*	3.32.0 (including)
Red Hat Enterprise Linux 8	RedHat	sqlite-0:3.26.0-15.el8	*
Red Hat Enterprise Linux 8	RedHat	sqlite-0:3.26.0-15.el8	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/cephcsi-rhel9:sha256:4c44c079dccf8e9cbf0a1bbf295986fd496aeb0aa23ad8d324302e218f14ba8f	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/cephcsi-rhel9-operator:sha256:29fb0fd11d7a108f65416fc80abbd8bb50f64a173689e923753c01df79f531e3	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/mcg-core-rhel9:sha256:3959ddbd5e30450cd65ba2cee8bcbe66fb260d5e17d864d20da1f8532a472f58	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/mcg-rhel9-operator:sha256:c0925c14fef769a74cefbf902659aefecea7aa6241f1281ff2f14712dd356747	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/ocs-client-console-rhel9:sha256:c9c249f77da5494a08151d90211799f46c501a136c63bdf5fab8528033c1a078	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/ocs-client-rhel9-operator:sha256:189525c32c30efde779dde1bc7a1310ea1845bb816cfe721081444f515c7fc14	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/ocs-metrics-exporter-rhel9:sha256:b9f32156698d517524707b1e62fb07d244fd3c5baa6c8e0dc63b7f3136ecb689	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/ocs-rhel9-operator:sha256:692d43c0ab28b5919129f1617b105fd348dd97d37d88dd1d911d61a26eb7601b	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-cli-rhel9:sha256:b4b2fe4c505060bac1710c73e699ed13b0a5fea32e1ba16166f929fb8cceba33	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-cloudnative-pg-rhel9-operator:sha256:b9c8f6ffca5a91d1184ef803bb4db14770cb35d305feb168412fa3a36c440d10	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-console-rhel9:sha256:7862c67b17eb6c291db11ecdf6e8c54fac9f2c6b45e816d0b8b79594c70faeaa	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-cosi-sidecar-rhel9:sha256:819edb52f8559427f190f687840a5417de59662fa8bc5129e26e3ed2cf0e0276	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-csi-addons-rhel9-operator:sha256:07979ff44a1e9132ce0df0cfd4b151ce0ab38c91c2ccbd62daed4b7654645a02	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-csi-addons-sidecar-rhel9:sha256:91a659aa4db7d9410801f8120226ea41fca011b9853457d2225433b75ea87407	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-multicluster-console-rhel9:sha256:398dcf8a25e4bd40310e9fc7451f9ec65b09da52cea0f147f9a3244d870c2ec8	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-multicluster-rhel9-operator:sha256:55f3d3d591472741f840b921533812a91653d084acbb74e2aea150695d2e4452	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-must-gather-rhel9:sha256:c2d5160cf4d8fef47ca7caaf3b03052622cf49d75c6dd3ecd05f06bdc4e2291b	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odf-rhel9-operator:sha256:e5387c81ea125ddc86211d548a45699f989c36c3cf7a2c815e8d79097e32749b	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/odr-rhel9-operator:sha256:dc5d9c9a06b8c5b0dc347d9b4465e2f26141d4f2be9cf7df36a862e942c3267a	*
Red Hat Openshift Data Foundation 4.19	RedHat	odf4/rook-ceph-rhel9-operator:sha256:030161e80c9b75186b6843d08ca3173ea4c98614e9a20b434c00a1e7b535b8f7	*
Sqlite3	Ubuntu	devel	*
Sqlite3	Ubuntu	eoan	*
Sqlite3	Ubuntu	esm-infra/focal	*
Sqlite3	Ubuntu	focal	*
Sqlite3	Ubuntu	trusty	*
Sqlite3	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-13435
CWE	https://cwe.mitre.org/data/definitions/476.html

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References