Magellan 2.0 is a group of vulnerabilities in SQLite (the previous group was Magellan 1.0). These vulnerabilities were found by Tencent Blade Team and verified to be exploitable for remote code execution in the Chromium render process. As a well-known database, SQLite is widely used in all modern mainstream operating systems and software, so these vulnerabilities have a wide range of influence. SQLite and Google have confirmed and fixed these vulnerabilities. We will not disclose any details of the vulnerabilities at this time, and we are pushing other vendors to fix them as soon as possible.
If you are using software that includes SQLite as a component (without the latest patch, which is 13 Dec 2019) and that supports external SQL queries, or you are using Chrome prior to 79.0.3945.79 with WebSQL enabled, you may be affected. Other devices such as PCs, mobile devices and IoT devices may also be affected, depending on whether there is a suitable attack surface.
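An inventory check for the two version conditions above, added here as an example (not Tencent Blade Team's code). It assumes the check-in date at the start of `sqlite_source_id()` is a usable proxy for "has the 13 Dec 2019 patch" (a vendor build with backported fixes will still show an older date), and it does not test whether WebSQL or external SQL queries are reachable; the function names and sample strings are constructed.

```python
import re
import sqlite3
from contextlib import closing
from datetime import date

# Thresholds taken from the advisory text.
FIXED_CHROME = (79, 0, 3945, 79)
SQLITE_PATCH_DATE = date(2019, 12, 13)

def parse_chrome_version(text):
    """Return the four-part Chrome/Chromium version found in text, or None."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(p) for p in m.groups()) if m else None

def chrome_predates_fix(text):
    """True if older than 79.0.3945.79; None if no version could be parsed."""
    version = parse_chrome_version(text)
    # Tuple comparison is numeric per component, so 3945.9 sorts before 3945.79.
    return None if version is None else version < FIXED_CHROME

def sqlite_source_date(source_id):
    """A source id begins with the check-in time: 'YYYY-MM-DD HH:MM:SS <hash>'."""
    m = re.match(r"(\d{4})-(\d{2})-(\d{2}) ", source_id)
    return date(*map(int, m.groups())) if m else None

def sqlite_predates_patch(source_id):
    """Heuristic: True if the source is dated before 13 Dec 2019; None if unparseable."""
    d = sqlite_source_date(source_id)
    return None if d is None else d < SQLITE_PATCH_DATE

def linked_sqlite_source_id():
    """Ask the SQLite library linked into this Python interpreter for its source id."""
    with closing(sqlite3.connect(":memory:")) as conn:
        return conn.execute("SELECT sqlite_source_id()").fetchone()[0]

if __name__ == "__main__":
    # Constructed inventory lines, as an asset scan might collect them.
    for line in ("Google Chrome 78.0.3904.108", "Chromium 79.0.3945.79", "no version"):
        print(f"{line!r}: predates fix = {chrome_predates_fix(line)}")
    local = linked_sqlite_source_id()
    print(f"linked SQLite {sqlite3.sqlite_version} ({local[:10]}): "
          f"predates patch = {sqlite_predates_patch(local)}")
```

A result of `None` means the version or date could not be read and the asset needs manual review.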
Remote code execution, leaking program memory or causing program crashes.
Yes, we successfully exploited Chrome with these vulnerabilities.
CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753.
We have not found any public full exploit code for this vulnerability.
We have reported all the details of the vulnerabilities to Google and they have fixed them. If your product uses Chromium, please update to the official stable version 79.0.3945.79 (Stable Channel Update for Desktop). If your product uses SQLite, please update to the newest code commit.
Not yet. We follow the responsible vulnerability disclosure process and will not disclose the details of the vulnerability before 90 days have passed since the vulnerability report.
Magellan means a group of vulnerabilities we have reported recently.
If you are using software that includes SQLite as a component (without the latest patch, which is 13 Dec 2019) and that supports external SQL queries, or you are using Chrome prior to 79.0.3945.79 with WebSQL enabled, you may be affected.
Browsers with WebSQL enabled that meet one of the following conditions may be affected by Magellan:
In those conditions the program will not be affected:
- 16 Nov 2019 Reported to Google and SQLite.
- 16 Nov 2019 Vulnerabilities confirmed by Google.
- 27 Nov 2019 Google and SQLite fixed the vulnerabilities.
- 27 Nov 2019 Tencent Blade Team provided a fuzzer to Google.
- 11 Dec 2019 Google released the official Chrome version 79.0.3945.79.
- 11 Dec 2019 CVE IDs were assigned: CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753.
Tencent Blade Team was founded by Tencent Security Platform Department, focusing on security research in AI, Mobile Internet, IoT and other cutting-edge technologies. So far, Tencent Blade Team has reported more than 100 security vulnerabilities to a large number of international manufacturers, including Google, Apple, Amazon and Adobe. In the future, Tencent Blade Team will continue to make the Internet a safer place for everyone.
Contact us: firstname.lastname@example.org
Copyright © 2019 Tencent Security Platform Department. All Rights Reserved.