{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/sqlite/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["diesel (\u003c 2.3.8)"],"_cs_severities":["high"],"_cs_tags":["utf-8","diesel","sqlite","corruption"],"_cs_type":"advisory","_cs_vendors":["SQLite"],"content_html":"\u003cp\u003eDiesel, a Rust ORM, is vulnerable to UTF-8 corruption in versions prior to 2.3.8. The vulnerability stems from the use of the \u003ccode\u003esqlite3_value_text\u003c/code\u003e function when deserializing query results from SQLite. Diesel incorrectly assumed this function always returns UTF-8 encoded strings. However, for SQLite \u003ccode\u003eBLOB\u003c/code\u003e storage types, the function can return arbitrary bytes, leading to the use of \u003ccode\u003estr::from_utf8_unchecked\u003c/code\u003e on potentially invalid UTF-8 data. This violates Rust\u0026rsquo;s safety contract and can lead to memory corruption or unexpected behavior. The vulnerability was identified and patched in Diesel version 2.3.8. 
This matters to defenders because a compromised application could exhibit unpredictable behavior or be exploited to bypass security measures.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious SQLite database file.\u003c/li\u003e\n\u003cli\u003eThe database includes a \u003ccode\u003eBLOB\u003c/code\u003e field containing non-UTF-8 data.\u003c/li\u003e\n\u003cli\u003eA Diesel-based application connects to the malicious database.\u003c/li\u003e\n\u003cli\u003eThe application executes a query that retrieves the \u003ccode\u003eBLOB\u003c/code\u003e field.\u003c/li\u003e\n\u003cli\u003eDiesel uses \u003ccode\u003esqlite3_value_text\u003c/code\u003e to read the field\u0026rsquo;s content.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esqlite3_value_text\u003c/code\u003e returns a pointer to the raw (non-UTF-8) bytes.\u003c/li\u003e\n\u003cli\u003eDiesel\u0026rsquo;s vulnerable code uses \u003ccode\u003estr::from_utf8_unchecked\u003c/code\u003e to create a Rust string slice without validating the UTF-8 encoding.\u003c/li\u003e\n\u003cli\u003eThe application processes the invalid UTF-8 string, potentially leading to memory corruption or unexpected behavior.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability can lead to memory corruption within applications using Diesel versions before 2.3.8 when interacting with SQLite databases containing \u003ccode\u003eBLOB\u003c/code\u003e fields with non-UTF-8 data. While the exact impact depends on how the corrupted string is used, it can range from application crashes to potential remote code execution if the corrupted data is used in a sensitive context. 
No specific victim counts or targeted sectors are available, but any application using Diesel with SQLite is potentially vulnerable.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Diesel to version 2.3.8 or later to remediate the vulnerability as outlined in the overview.\u003c/li\u003e\n\u003cli\u003eImplement UTF-8 validation on all strings received from external sources, especially when interacting with SQLite \u003ccode\u003eBLOB\u003c/code\u003e fields, regardless of the Diesel version, to provide defense in depth.\u003c/li\u003e\n\u003cli\u003eConsider using static analysis tools to identify potential uses of \u003ccode\u003estr::from_utf8_unchecked\u003c/code\u003e in your codebase and ensure proper validation is performed before using the resulting strings.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-26T12:00:00Z","date_published":"2024-01-26T12:00:00Z","id":"/briefs/2024-01-diesel-utf8-corruption/","summary":"Diesel versions before 2.3.8 are vulnerable to UTF-8 corruption due to the `sqlite3_value_text` function not always returning UTF-8 encoded strings, potentially leading to invalid UTF-8 string processing without validation.","title":"Diesel SQLite Backend UTF-8 Corruption Vulnerability","url":"https://feed.craftedsignal.io/briefs/2024-01-diesel-utf8-corruption/"}],"language":"en","title":"CraftedSignal Threat Feed — SQLite","version":"https://jsonfeed.org/version/1.1"}