Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google Chrome Affected by Magellan 2.0 SQLite Vulnerabilities

One year and one week after the disclosure of the Magellan series of vulnerabilities in 2018, Magellan 2.0 is disclosed, bringing five new vulnerabilities with it.

Background

On December 23, 2019, the Tencent Blade Team published an advisory regarding “Magellan 2.0,” a new set of SQLite vulnerabilities discovered by researcher Wenxiang Qian differing from the original Magellan vulnerabilities disclosed last year.

Analysis

Information relating to Magellan 2.0 at present is limited to what has been disclosed in the advisory and the assignment of CVE IDs CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752 and CVE-2019-13753 on December 10, 2019. The Tencent Blade Team states that the impact of these vulnerabilities includes the leaking of program memory, causing program crashes and remote code execution.

The vulnerability in SQLite occurs when the SQLite database is passed a maliciously crafted SQL command that it executes on behalf of the attacker, exploiting the vulnerabilities highlighted by the Tencent Blade Team. Remote attacks like this against SQLite databases would require direct and improperly handled input between the SQLite database and the internet-facing application.

These vulnerabilities are remotely exploitable in Google Chrome as it comes with Web SQL Database installed by default, an API that translates JavaScript code into SQL commands to be executed by Google Chrome’s internal SQLite database, which is used to store user data and browser settings.

All applications implementing SQLite as a component and supporting SQL are affected if the latest patches are not applied. Chrome/Chromium users with versions prior to v79.0.3945.79 are also vulnerable. The Tencent Blade Team also noted that these vulnerabilities affect smart devices using an older version of Chrome/Chromium, browsers built using an older version of Chrome/Webview, Android apps using older versions of Webview and software that uses older versions of Chromium. The Tencent Blade Team states that they are working with vendors to address the issue and notes that, at present, there is no evidence of abuse in the wild.

Proof of concept

At the time this blog post was published, there was no proof of concept (PoC) available, but one may be released in the future. When asked if they will be releasing a PoC, the Tencent Blade Team stated, “Not yet. We follow the responsible vulnerability disclosure process and will not disclose the details of the vulnerability in advance 90 days after the vulnerability report.” They initially disclosed these vulnerabilities to Google and SQLite on November 16, 2019.

Solution

Tenable strongly advises organizations and individuals to upgrade to patched versions as soon as possible. On December 10, 2018, Google released 79.0.3945.79 ( Stable Channel Update for Desktop) for Chromium users. SQLite addressed the bugs on December 13, 2019, but has yet to release patches in a stable branch. We advise committing to this branch as soon as it is available.

Identifying affected systems

A list of Tenable plugins to identify these vulnerabilities can be found here.

Get more information

Join Tenable's Security Response Team on the Tenable Community.

Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface.

Get a free 30-day trial of Tenable.io Vulnerability Management.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.