SQLite Vulnerability: CVE-2025-6965



Article ID: 405851


Products

VMware Tanzu Data Suite
VMware Tanzu Greenplum
VMware Tanzu Greenplum / Gemfire

Issue/Introduction

A recently identified security vulnerability, CVE-2025-6965, affects SQLite database versions prior to 3.50.2, including 3.26.0, which is currently installed in your Greenplum cluster. This vulnerability has been fixed in SQLite version 3.50.2.

The flaw is a memory corruption issue caused by improper handling of queries in which the number of aggregate terms exceeds the number of available columns. Exploitation through crafted SQL queries could allow an attacker to crash the process, corrupt data, or potentially execute arbitrary code.

Greenplum utilities such as gpbackup and gprestore rely on an embedded SQLite database for their operation, which is typically installed as part of the package dependencies. The recently disclosed, high-severity vulnerability CVE-2025-6965 affects SQLite versions prior to 3.50.2, including the commonly shipped version 3.26.0. Users and administrators should be aware of it and take immediate measures to remediate the risk.


Environment

Greenplum 6.x
Greenplum 7.x
SQLite: 3.26.0
gpbackup/gprestore: 1.30.6

Cause


The memory corruption vulnerability CVE-2025-6965 in SQLite can severely impact database stability in multiple ways. When exploited, this flaw allows a SQL query whose aggregate terms exceed the available columns to corrupt memory, leading to:

Process crashes and denial of service: The corruption can cause the SQLite process, or any application depending on it, to crash or behave unpredictably, disrupting database operations and service availability.

Erratic or unstable behavior: Affected databases may experience intermittent errors, freezes, or unpredictable response to legitimate queries, undermining both reliability and performance.

Data integrity risks: Memory corruption may result in unintentional changes to stored data or outright data loss, thus compromising data integrity and trust in the database.

Potential for further exploitation: In severe cases, memory corruption vulnerabilities can be exploited to execute arbitrary code, escalate privileges, or gain unauthorized access, further destabilizing not just the database but the wider system.

Resolution

Remediation Steps:

  • Greenplum engineering is aware of the vulnerability and is currently developing a patch that will use SQLite 3.50.2 or higher. As of 7/31/2025, further details surrounding the release will be made available soon.

  • Upgrade your SQLite installation to version 3.50.2 or above as soon as possible.

  • If an upgrade is not immediately possible, minimize usage of SQL queries with complex aggregates as a temporary safeguard. Note that this only reduces exposure; it does not remove the underlying flaw.
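The following shell script is an added example and is not part of this article or of the Greenplum tooling. It compares a SQLite version string against the fixed release 3.50.2 named above and reports whether a host is affected, so the check can be run across a cluster before and after the upgrade. The rpm package name `sqlite` and the use of the `sqlite3` command-line tool for discovery are assumptions about a typical RHEL-family Greenplum host; confirm which SQLite library gpbackup and gprestore actually load on your system.

```shell
#!/bin/sh
# Added example (not from the Broadcom KB article): flag a SQLite version as
# affected by CVE-2025-6965 when it is older than the fixed release 3.50.2.
# Assumes plain dotted numeric version strings such as 3.26.0.

FIXED_SQLITE_VERSION="3.50.2"   # first fixed release named in the article

# version_key X.Y.Z -> zero-padded integer so versions compare numerically
# (3.26.0 -> 3026000, 3.50.2 -> 3050002); missing components count as 0.
version_key() {
    _ifs=$IFS
    IFS=.
    set -- $1
    IFS=$_ifs
    printf '%d%03d%03d' "${1:-0}" "${2:-0}" "${3:-0}"
}

# version_lt A B: succeeds (exit 0) when A is strictly older than B.
version_lt() {
    [ "$(version_key "$1")" -lt "$(version_key "$2")" ]
}

# sqlite_is_vulnerable VERSION: exit 0 when VERSION is affected by CVE-2025-6965.
sqlite_is_vulnerable() {
    version_lt "$1" "$FIXED_SQLITE_VERSION"
}

# installed_sqlite_version: best-effort discovery on the host (assumption: the
# rpm package is called "sqlite", as on RHEL-family systems). Falls back to the
# sqlite3 CLI, whose first output token is the version. Prints nothing if neither
# source is available.
installed_sqlite_version() {
    if rpm -q sqlite >/dev/null 2>&1; then
        rpm -q --qf '%{VERSION}\n' sqlite
        return 0
    fi
    sqlite3 --version 2>/dev/null | cut -d' ' -f1
}

# check_host [VERSION|host]: report on VERSION, or discover the installed one.
# Exit status: 0 = not affected, 1 = affected, 2 = version unknown/unparseable.
check_host() {
    case "${1:-host}" in
        host) v=$(installed_sqlite_version) ;;
        *)    v=$1 ;;
    esac
    case "$v" in
        *[!0-9.]*|"")
            echo "SQLite version not determined ('$v'); check the library bundled with gpbackup" >&2
            return 2 ;;
    esac
    if sqlite_is_vulnerable "$v"; then
        echo "SQLite $v: AFFECTED by CVE-2025-6965 (fixed in $FIXED_SQLITE_VERSION)"
        return 1
    fi
    echo "SQLite $v: not affected by CVE-2025-6965"
    return 0
}

# Executed as a script: `sh check_sqlite.sh host` inspects this host,
# `sh check_sqlite.sh 3.26.0` evaluates a given version string.
if [ $# -gt 0 ]; then
    check_host "$@"
fi
```

Because the exit status encodes the verdict (1 means affected), the script can be pushed to every coordinator and segment host and run in a loop, for example via gpssh, to produce a cluster-wide inventory of hosts that still need the SQLite update.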

This vulnerability is considered high-severity, with a CVSS score ranging from 7.2 (High) to 9.8 (Critical), and it has been actively monitored by major security organizations.

Additional Information