symisc UnQLite Heap-Based Buffer Overflow Vulnerability in jx9MemObjStore Function
Vulnerability
A critical heap-based buffer overflow vulnerability has been identified in symisc UnQLite versions prior to commit 957c377cb691a4f617db9aba5cc46d90425071e2. The issue arises in the jx9MemObjStore function within the file unqlite.c, as part of the benchmarks directory. This vulnerability can be exploited locally, leading to potential memory corruption.
Impact
Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to memory corruption and possibly allow for arbitrary code execution.
Reproduction
The vulnerability can be reproduced by compiling UnQLite with AddressSanitizer enabled, using GCC version 7.5.0. After compiling the application, the proof-of-concept exploit can be executed by running the UnQLite command-line tool with a crafted input file that triggers the buffer overflow. The AddressSanitizer will report the heap-buffer-overflow error, indicating that the vulnerability has been successfully exploited.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.