CVE-2020-11655: 
MySQL vulnerability analysis and mitigation

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. The vulnerability was discovered and reported by Henry Liu of Shenzhen Ankki Technologies Co.Ltd. The issue was introduced in version 3.25.0 (2018-06-30) and affected all versions through 3.31.1 (CVE Database, SQLite Ticket).

The vulnerability occurs in the resetAccumulator() function when handling semantic errors in aggregate queries. The function did not properly handle early-out cases when the AggInfo object was incompletely or incorrectly initialized, leading to a segmentation fault. The issue initially manifested as an assertion fault until check-in [712e47714863a8ed] (2019-08-10) after which it began to segfault. The vulnerability has a CVSS v3.1 Base Score of 7.5 (High) with vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD Database).

A successful exploitation of this vulnerability could allow an attacker to cause a denial of service condition by triggering a segmentation fault in SQLite through a specially crafted malformed window-function query. This could potentially disrupt applications and services that rely on SQLite database functionality (FreeBSD Advisory).

The vulnerability was fixed in SQLite with check-in [4a302b42c7bf5e11] which modified the resetAccumulator() function to properly handle early-out cases when semantic errors occur in aggregate queries. Users should upgrade to a patched version of SQLite. For systems that cannot be immediately upgraded, there is no known workaround (SQLite Commit).