Tencent Blade’s security team recently discovered a set of SQLite vulnerabilities called Magellan 2.0, which allows hackers to remotely run malicious programs on Chrome. There are five vulnerabilities in this group: CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752 and CVE-2019-13753. All applications that use the SQLite database are affected by the Magellan 2.0 attack.
For more information visit: https://blade.tencent.com/magellan2/index.html
Tencent Blade Team’s official website: https://blade.tencent.com/
Magellan 2.0 (Magellan) is a set of vulnerabilities in SQLite. It was discovered by Tencent Blade Team, who verified that remote code execution can be achieved in the renderer process of a Chromium-based browser. SQLite, a well-known open source database, is used in all major operating systems and software, so the vulnerability is widespread. Chrome was also tested and found to be affected. The vulnerability has now been officially confirmed and fixed by Google and SQLite.
According to an official blog post by Tencent’s Blade security team, in addition to all Chromium-based browsers and Google Home smart speaker devices, popular products such as Apple’s iPhone, iPad, MacBook, iMac, Apple Watch and Apple TV have also been affected.
The SQLite vulnerability was discovered by Tencent Blade Team in its security research through manual code audits and automated testing. The team named this set of vulnerabilities “Magellan”. According to SQLite’s official records, the vulnerability behind Magellan could have been around for eight years. By exploiting Magellan, an attacker can remotely run malicious code on a user’s computer, or cause a program memory leak or program crash.
Tencent Blade Team has joined forces with Google, Apple, Facebook, Microsoft and SQLite’s official security team to push for bug fixes. At the same time, the team is advising users to watch for system and software update notifications and to upgrade SQLite to the latest version, 3.26.0.
Google Chrome 71, released last week, has also patched the vulnerability. Chromium-based browsers such as Vivaldi and Brave use the latest version of Chromium. Opera, however, is still running an older version of Chromium, so it is still affected.
In addition, although Firefox does not support Web SQL, it is also affected by this vulnerability because it uses a SQLite database that can be accessed locally, so local attackers can use the vulnerability to execute code. Tencent Blade Team recommends that teams using Chromium in their products update to the official stable version 71.0.3578.80 as soon as possible, and that products involving SQLite update to 3.26.0.
If it is not possible to apply the official patch, there are a number of contingency measures:
1) Turn off the FTS3 function in SQLite;
2) Disable WebSQL: do not compile the sqlite component at compile time. WebSQL is currently only supported by Chrome and Safari.
Finally, the validation method: in the recompiled browser, it should not be possible to call the openDatabase function from the console.
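The upgrade advice and the first contingency measure above can be checked from a script. The following is an added example, not code from Tencent Blade or the SQLite project. It inspects only the SQLite library linked into the Python interpreter that runs it, and the function names are made up for illustration.

```python
import sqlite3

PATCHED = (3, 26, 0)  # SQLite release the article says to upgrade to


def parse_version(text):
    """Turn a dotted version such as '3.26.0' into a comparable tuple."""
    return tuple(int(part) for part in text.split("."))


def fts3_usable(conn):
    """Probe the library by creating (then dropping) an FTS3 virtual table."""
    try:
        conn.execute("CREATE VIRTUAL TABLE fts3_probe USING fts3(body)")
    except sqlite3.OperationalError:
        return False  # e.g. "no such module: fts3" when FTS3 is compiled out
    conn.execute("DROP TABLE fts3_probe")
    return True


def assess(version_text, fts3_available):
    """Return findings for one SQLite build, following the article's advice."""
    findings = []
    patched = parse_version(version_text) >= PATCHED
    if not patched:
        findings.append(f"SQLite {version_text} is older than 3.26.0: upgrade")
        if fts3_available:
            findings.append("FTS3 is enabled on an unpatched build: turn it off")
    return findings


def audit():
    """Inspect the SQLite library this Python process is linked against."""
    conn = sqlite3.connect(":memory:")  # scratch database, nothing on disk
    try:
        version = conn.execute("SELECT sqlite_version()").fetchone()[0]
        fts3 = fts3_usable(conn)
    finally:
        conn.close()
    return {"version": version, "fts3": fts3, "findings": assess(version, fts3)}


if __name__ == "__main__":
    report = audit()
    print(f"SQLite {report['version']}, FTS3 usable: {report['fts3']}")
    for finding in report["findings"] or ["no findings"]:
        print(" -", finding)
```

Versions are compared as integer tuples because a plain string comparison would rank "3.9.2" above "3.26.0".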