[CLSA-2026:1782142140] sqlite: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-22 15:29:15 UTC
Description:
- CVE-2026-11822: fix memory corruption in FTS5 fts5LeafRead() by rejecting leaf pages with szLeaf < 4, blocking the OOB read in fts5LeafSeek() - CVE-2026-11824: fix heap-based buffer overflow via integer underflow in fts5ChunkIterate() when szLeaf < 4 (same root cause; closed by the same fts5LeafRead validation tightening)
Updated packages:
  • lemon-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:2d20c7d00299a591295dcf8804f091440d227cebc061b819434c03bb325e355b
  • sqlite-3.26.0-15.el8.tuxcare.els8.i686.rpm
    sha:62e57a5e2e65757452cce0a0eaad97a87367502cd543a2258fd3366e4179bc89
  • sqlite-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:cbe27021620d88810fac818844ff0dbeadf6651a9688b7aeb1b53291532fc4cc
  • sqlite-analyzer-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:78583451617bd9ff88252d3239272a5e90fc29ca55c6a6c73f67b6d5a918a503
  • sqlite-devel-3.26.0-15.el8.tuxcare.els8.i686.rpm
    sha:8ff316f21759d9bb7cff9e86a7a0b50cbb14856e7d59c3f5a0d93cacc7b53a3e
  • sqlite-devel-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:467c8a3d11707e27ba71487c8603ea6cd43cfb12923c9a6414c6fd8bb842da07
  • sqlite-doc-3.26.0-15.el8.tuxcare.els8.noarch.rpm
    sha:392daf78752d5cab4ff31d0b520d974ad1f208ff8f622bd25ba2488b012447aa
  • sqlite-libs-3.26.0-15.el8.tuxcare.els8.i686.rpm
    sha:c2d4ec37302d3f64bbdf9d7408b8416c08361bec84710aecb09f4663d1a43335
  • sqlite-libs-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:7a3fb9874a820e7fdf3b5740d6df83986f0dcba0a0d9d7c88b97175ee265ec8f
  • sqlite-tcl-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:181a3fd998b6bfa489c1e21ba746dcff95ffb49cd3d73f203f9cee81e8cca3f3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.