vulnerability
Oracle Linux: CVE-2024-25580: ELSA-2024-2276: qt5-qtbase security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | 02/15/2024 | 05/07/2024 | 12/01/2024 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
02/15/2024
Added
05/07/2024
Modified
12/01/2024
Description
An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
A vulnerability has been discovered in Qt Base, wherein an attacker can exploit a specially crafted KTX image file to induce a buffer overflow within the application parsing it. This overflow can subsequently result in a denial-of-service condition, rendering the affected application inaccessible or non-responsive.
A vulnerability has been discovered in Qt Base, wherein an attacker can exploit a specially crafted KTX image file to induce a buffer overflow within the application parsing it. This overflow can subsequently result in a denial-of-service condition, rendering the affected application inaccessible or non-responsive.
Solution(s)
oracle-linux-upgrade-qt5-qtbaseoracle-linux-upgrade-qt5-qtbase-commonoracle-linux-upgrade-qt5-qtbase-develoracle-linux-upgrade-qt5-qtbase-examplesoracle-linux-upgrade-qt5-qtbase-guioracle-linux-upgrade-qt5-qtbase-mysqloracle-linux-upgrade-qt5-qtbase-odbcoracle-linux-upgrade-qt5-qtbase-postgresqloracle-linux-upgrade-qt5-qtbase-private-develoracle-linux-upgrade-qt5-qtbase-static
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.