Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-45930 |
CWE-ID | CWE-787 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Qt Universal components / Libraries / Scripting languages |
Vendor |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU78667
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-45930
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing untrusted input within QtPrivate::QCommonArrayOps::growAppend() function. A remote attacker can create a specially crafted SVG file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and crash the application.
Install updates from vendor's website.
Vulnerable software versionsQt: before 6.2.2
External linkshttp://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37025
http://github.com/qt/qtsvg/commit/a3b753c2d077313fc9eb93af547051b956e383fc
http://github.com/google/oss-fuzz-vulns/blob/main/vulns/qt/OSV-2021-1121.yaml
http://github.com/qt/qtsvg/commit/79bb9f51fa374106a612d17c9d98d35d807be670
http://github.com/qt/qtsvg/commit/36cfd9efb9b22b891adee9c48d30202289cfa620
http://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37306
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V75XNX4GDB64N5BSOAN474RUXXS5OHRU/
http://lists.debian.org/debian-lts-announce/2022/01/msg00020.html
http://lists.debian.org/debian-lts-announce/2022/01/msg00022.html
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GKOKVCSDZSOWWR3HOW5XUIUJC4MKQY5/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZIXNSX7FV733TWTTLY6FHSH3SCNQKKD/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.