CVE-2020-6405: 
SQLite vulnerability analysis and mitigation

CVE-2020-6405 is a security vulnerability discovered in SQLite component of Google Chrome prior to version 80.0.3987.87. The vulnerability was disclosed on February 11, 2020, and involves an out-of-bounds read vulnerability in SELECT operations with ON/USING clauses (NVD, Chrome Release).

The vulnerability is classified as a medium severity issue with a CVSS v3.1 base score of 6.5. It is specifically an out-of-bounds read vulnerability that occurs in SQLite when processing SELECT statements containing ON/USING clauses. The vulnerability could allow a remote attacker to obtain potentially sensitive information from process memory through a specially crafted HTML page (NVD, Debian Security).

If successfully exploited, the vulnerability could allow an attacker to access sensitive information from process memory. The attack requires user interaction, as it can be triggered via a crafted HTML page, and primarily affects the confidentiality of the system without impacting integrity or availability (NVD).

The vulnerability was patched in Google Chrome version 80.0.3987.87. Users and administrators are advised to upgrade to this version or later. Various Linux distributions have also released security updates to address this vulnerability, including Debian (version 80.0.3987.132-1~deb10u1) and Fedora (Debian Security, Red Hat).