Alma Linux: CVE-2021-3481: Moderate: qt5 security, bug fix, and enhancement update (ALSA-2021-4172)
4
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
03/10/1975
05/05/2022
05/04/2022
09/15/2022
Description
A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.
Solution(s)
- alma-upgrade-adwaita-qt5
- alma-upgrade-libadwaita-qt5
- alma-upgrade-python-qt5-rpm-macros
- alma-upgrade-python3-pyqt5-sip
- alma-upgrade-python3-qt5
- alma-upgrade-python3-qt5-base
- alma-upgrade-python3-qt5-devel
- alma-upgrade-python3-sip-devel
- alma-upgrade-python3-wx-siplib
- alma-upgrade-qgnomeplatform
- alma-upgrade-qt5-assistant
- alma-upgrade-qt5-designer
- alma-upgrade-qt5-devel
- alma-upgrade-qt5-doctools
- alma-upgrade-qt5-linguist
- alma-upgrade-qt5-qdbusviewer
- alma-upgrade-qt5-qt3d
- alma-upgrade-qt5-qt3d-devel
- alma-upgrade-qt5-qt3d-examples
- alma-upgrade-qt5-qtbase
- alma-upgrade-qt5-qtbase-common
- alma-upgrade-qt5-qtbase-devel
- alma-upgrade-qt5-qtbase-examples
- alma-upgrade-qt5-qtbase-gui
- alma-upgrade-qt5-qtbase-mysql
- alma-upgrade-qt5-qtbase-odbc
- alma-upgrade-qt5-qtbase-postgresql
- alma-upgrade-qt5-qtbase-private-devel
- alma-upgrade-qt5-qtbase-static
- alma-upgrade-qt5-qtcanvas3d
- alma-upgrade-qt5-qtcanvas3d-examples
- alma-upgrade-qt5-qtconnectivity
- alma-upgrade-qt5-qtconnectivity-devel
- alma-upgrade-qt5-qtconnectivity-examples
- alma-upgrade-qt5-qtdeclarative
- alma-upgrade-qt5-qtdeclarative-devel
- alma-upgrade-qt5-qtdeclarative-examples
- alma-upgrade-qt5-qtdeclarative-static
- alma-upgrade-qt5-qtdoc
- alma-upgrade-qt5-qtgraphicaleffects
- alma-upgrade-qt5-qtimageformats
- alma-upgrade-qt5-qtlocation
- alma-upgrade-qt5-qtlocation-devel
- alma-upgrade-qt5-qtlocation-examples
- alma-upgrade-qt5-qtmultimedia
- alma-upgrade-qt5-qtmultimedia-devel
- alma-upgrade-qt5-qtmultimedia-examples
- alma-upgrade-qt5-qtquickcontrols
- alma-upgrade-qt5-qtquickcontrols-examples
- alma-upgrade-qt5-qtquickcontrols2
- alma-upgrade-qt5-qtquickcontrols2-devel
- alma-upgrade-qt5-qtquickcontrols2-examples
- alma-upgrade-qt5-qtscript
- alma-upgrade-qt5-qtscript-devel
- alma-upgrade-qt5-qtscript-examples
- alma-upgrade-qt5-qtsensors
- alma-upgrade-qt5-qtsensors-devel
- alma-upgrade-qt5-qtsensors-examples
- alma-upgrade-qt5-qtserialbus
- alma-upgrade-qt5-qtserialbus-devel
- alma-upgrade-qt5-qtserialbus-examples
- alma-upgrade-qt5-qtserialport
- alma-upgrade-qt5-qtserialport-devel
- alma-upgrade-qt5-qtserialport-examples
- alma-upgrade-qt5-qtsvg
- alma-upgrade-qt5-qtsvg-devel
- alma-upgrade-qt5-qtsvg-examples
- alma-upgrade-qt5-qttools
- alma-upgrade-qt5-qttools-common
- alma-upgrade-qt5-qttools-devel
- alma-upgrade-qt5-qttools-examples
- alma-upgrade-qt5-qttools-libs-designer
- alma-upgrade-qt5-qttools-libs-designercomponents
- alma-upgrade-qt5-qttools-libs-help
- alma-upgrade-qt5-qttools-static
- alma-upgrade-qt5-qttranslations
- alma-upgrade-qt5-qtwayland
- alma-upgrade-qt5-qtwayland-devel
- alma-upgrade-qt5-qtwayland-examples
- alma-upgrade-qt5-qtwebchannel
- alma-upgrade-qt5-qtwebchannel-devel
- alma-upgrade-qt5-qtwebchannel-examples
- alma-upgrade-qt5-qtwebsockets
- alma-upgrade-qt5-qtwebsockets-devel
- alma-upgrade-qt5-qtwebsockets-examples
- alma-upgrade-qt5-qtx11extras
- alma-upgrade-qt5-qtx11extras-devel
- alma-upgrade-qt5-qtxmlpatterns
- alma-upgrade-qt5-qtxmlpatterns-devel
- alma-upgrade-qt5-qtxmlpatterns-examples
- alma-upgrade-qt5-rpm-macros
- alma-upgrade-qt5-srpm-macros
- alma-upgrade-sip
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center