SUSE update for libqt5-qtbase



Published: 2023-07-29
Risk Medium
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2023-24607
CVE-2023-32762
CVE-2023-33285
CVE-2023-34410
CVE-2023-38197
CWE-ID CWE-20
CWE-319
CWE-125
CWE-295
CWE-835
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Desktop Applications Module
Operating systems & Components / Operating system

Basesystem Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

libQt5PlatformSupport-devel-static-64bit
Operating systems & Components / Operating system package or component

libQt5Gui5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Gui-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Widgets5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql5-mysql-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5DBus-devel-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Core5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Widgets5-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-64bit
Operating systems & Components / Operating system package or component

libQt5Concurrent5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Core5-64bit
Operating systems & Components / Operating system package or component

libQt5DBus5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Core-devel-64bit
Operating systems & Components / Operating system package or component

libQt5DBus5-64bit
Operating systems & Components / Operating system package or component

libqt5-qtbase-examples-64bit
Operating systems & Components / Operating system package or component

libQt5PrintSupport5-64bit
Operating systems & Components / Operating system package or component

libQt5Test5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Network-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Bootstrap-devel-static-64bit
Operating systems & Components / Operating system package or component

libQt5Xml5-64bit
Operating systems & Components / Operating system package or component

libQt5Test-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-postgresql-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5OpenGLExtensions-devel-static-64bit
Operating systems & Components / Operating system package or component

libQt5DBus-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Gui5-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-unixODBC-64bit
Operating systems & Components / Operating system package or component

libQt5Widgets-devel-64bit
Operating systems & Components / Operating system package or component

libQt5OpenGL5-64bit
Operating systems & Components / Operating system package or component

libQt5PrintSupport-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-sqlite-64bit
Operating systems & Components / Operating system package or component

libQt5Network5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Concurrent5-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-unixODBC-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5OpenGL-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Concurrent-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Xml-devel-64bit
Operating systems & Components / Operating system package or component

libQt5Test5-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-postgresql-64bit
Operating systems & Components / Operating system package or component

libQt5Sql5-mysql-64bit
Operating systems & Components / Operating system package or component

libQt5PrintSupport5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql5-sqlite-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Network5-64bit
Operating systems & Components / Operating system package or component

libqt5-qtbase-examples-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Xml5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5OpenGL5-64bit-debuginfo
Operating systems & Components / Operating system package or component

libqt5-qtbase-examples-debuginfo
Operating systems & Components / Operating system package or component

libqt5-qtbase-platformtheme-xdgdesktopportal-debuginfo
Operating systems & Components / Operating system package or component

libQt5Bootstrap-devel-static
Operating systems & Components / Operating system package or component

libqt5-qtbase-examples
Operating systems & Components / Operating system package or component

libqt5-qtbase-platformtheme-xdgdesktopportal
Operating systems & Components / Operating system package or component

libQt5DBus-devel-32bit
Operating systems & Components / Operating system package or component

libQt5Widgets-devel-32bit
Operating systems & Components / Operating system package or component

libQt5DBus5-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-sqlite-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-unixODBC-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Concurrent5-32bit
Operating systems & Components / Operating system package or component

libQt5OpenGL5-32bit
Operating systems & Components / Operating system package or component

libQt5Core5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5PlatformSupport-devel-static-32bit
Operating systems & Components / Operating system package or component

libQt5Test5-32bit
Operating systems & Components / Operating system package or component

libQt5Core5-32bit
Operating systems & Components / Operating system package or component

libQt5Widgets5-32bit
Operating systems & Components / Operating system package or component

libQt5Widgets5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql5-postgresql-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Gui-devel-32bit
Operating systems & Components / Operating system package or component

libQt5OpenGL5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Xml5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Bootstrap-devel-static-32bit
Operating systems & Components / Operating system package or component

libQt5Concurrent-devel-32bit
Operating systems & Components / Operating system package or component

libQt5Network-devel-32bit
Operating systems & Components / Operating system package or component

libQt5Gui5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Gui5-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-unixODBC-32bit
Operating systems & Components / Operating system package or component

libQt5Concurrent5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5DBus-devel-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql5-mysql-32bit
Operating systems & Components / Operating system package or component

libqt5-qtbase-examples-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-sqlite-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5DBus5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5OpenGLExtensions-devel-static-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Test5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5OpenGL-devel-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-mysql-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql5-postgresql-32bit
Operating systems & Components / Operating system package or component

libQt5Sql-devel-32bit
Operating systems & Components / Operating system package or component

libQt5Core-devel-32bit
Operating systems & Components / Operating system package or component

libqt5-qtbase-examples-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Xml-devel-32bit
Operating systems & Components / Operating system package or component

libQt5Test-devel-32bit
Operating systems & Components / Operating system package or component

libQt5Xml5-32bit
Operating systems & Components / Operating system package or component

libQt5Network5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5Network5-32bit
Operating systems & Components / Operating system package or component

libQt5PrintSupport5-32bit-debuginfo
Operating systems & Components / Operating system package or component

libQt5PrintSupport-devel-32bit
Operating systems & Components / Operating system package or component

libQt5PrintSupport5-32bit
Operating systems & Components / Operating system package or component

libQt5Sql5-mysql
Operating systems & Components / Operating system package or component

libQt5Sql5-unixODBC-debuginfo
Operating systems & Components / Operating system package or component

libqt5-qtbase-platformtheme-gtk3-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql5-mysql-debuginfo
Operating systems & Components / Operating system package or component

libQt5OpenGLExtensions-devel-static
Operating systems & Components / Operating system package or component

libQt5Sql5-unixODBC
Operating systems & Components / Operating system package or component

libqt5-qtbase-platformtheme-gtk3
Operating systems & Components / Operating system package or component

libQt5Sql5-postgresql
Operating systems & Components / Operating system package or component

libQt5Sql5-postgresql-debuginfo
Operating systems & Components / Operating system package or component

libQt5KmsSupport-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5DBus-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5Widgets-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5PrintSupport-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5PlatformSupport-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5Sql-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5Test-private-headers-devel
Operating systems & Components / Operating system package or component

libqt5-qtbase-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5Gui-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5OpenGL-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5Network-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5Core-private-headers-devel
Operating systems & Components / Operating system package or component

libQt5Test5-debuginfo
Operating systems & Components / Operating system package or component

libQt5Sql-devel
Operating systems & Components / Operating system package or component

libQt5Gui5-debuginfo
Operating systems & Components / Operating system package or component

libQt5Widgets5-debuginfo
Operating systems & Components / Operating system package or component

libQt5Network5-debuginfo
Operating systems & Components / Operating system package or component

libQt5Gui5
Operating systems & Components / Operating system package or component

libQt5DBus5-debuginfo
Operating systems & Components / Operating system package or component

libQt5PrintSupport5
Operating systems & Components / Operating system package or component

libQt5Test-devel
Operating systems & Components / Operating system package or component

libQt5OpenGL5-debuginfo
Operating systems & Components / Operating system package or component

libQt5Widgets5
Operating systems & Components / Operating system package or component

libQt5Gui-devel
Operating systems & Components / Operating system package or component

libQt5Concurrent-devel
Operating systems & Components / Operating system package or component

libQt5OpenGL-devel
Operating systems & Components / Operating system package or component

libQt5Test5
Operating systems & Components / Operating system package or component

libqt5-qtbase-debugsource
Operating systems & Components / Operating system package or component

libQt5Network-devel
Operating systems & Components / Operating system package or component

libQt5Sql5-sqlite
Operating systems & Components / Operating system package or component

libQt5Sql5
Operating systems & Components / Operating system package or component

libqt5-qtbase-common-devel-debuginfo
Operating systems & Components / Operating system package or component

libQt5OpenGL5
Operating systems & Components / Operating system package or component

libQt5Sql5-sqlite-debuginfo
Operating systems & Components / Operating system package or component

libQt5Core5-debuginfo
Operating systems & Components / Operating system package or component

libQt5PlatformSupport-devel-static
Operating systems & Components / Operating system package or component

libQt5Widgets-devel
Operating systems & Components / Operating system package or component

libqt5-qtbase-devel
Operating systems & Components / Operating system package or component

libQt5DBus5
Operating systems & Components / Operating system package or component

libQt5PrintSupport-devel
Operating systems & Components / Operating system package or component

libQt5Concurrent5
Operating systems & Components / Operating system package or component

libqt5-qtbase-common-devel
Operating systems & Components / Operating system package or component

libQt5KmsSupport-devel-static
Operating systems & Components / Operating system package or component

libQt5Core5
Operating systems & Components / Operating system package or component

libQt5PrintSupport5-debuginfo
Operating systems & Components / Operating system package or component

libQt5DBus-devel
Operating systems & Components / Operating system package or component

libQt5Sql5-debuginfo
Operating systems & Components / Operating system package or component

libQt5Network5
Operating systems & Components / Operating system package or component

libQt5Xml-devel
Operating systems & Components / Operating system package or component

libQt5PlatformHeaders-devel
Operating systems & Components / Operating system package or component

libQt5Xml5-debuginfo
Operating systems & Components / Operating system package or component

libQt5Xml5
Operating systems & Components / Operating system package or component

libQt5Core-devel
Operating systems & Components / Operating system package or component

libQt5Concurrent5-debuginfo
Operating systems & Components / Operating system package or component

libQt5DBus-devel-debuginfo
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU74061

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-24607

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the Qt SQL ODBC driver plugin. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

Desktop Applications Module: 15-SP5

Basesystem Module: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

SUSE Linux Enterprise Desktop 15: SP5

openSUSE Leap: 15.5

libQt5PlatformSupport-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Network-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Core-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-debugsource: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Core5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformHeaders-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20233018-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Cleartext transmission of sensitive information

EUVDB-ID: #VU76666

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32762

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. A remote attacker with ability to intercept network traffic can gain access to sensitive data.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

Desktop Applications Module: 15-SP5

Basesystem Module: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

SUSE Linux Enterprise Desktop 15: SP5

openSUSE Leap: 15.5

libQt5PlatformSupport-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Network-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Core-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-debugsource: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Core5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformHeaders-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20233018-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU76667

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-33285

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to buffer over-read via a crafted reply from a DNS server within the QDnsLookup() function in src/network/kernel/qdnslookup_unix.cpp. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

Desktop Applications Module: 15-SP5

Basesystem Module: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

SUSE Linux Enterprise Desktop 15: SP5

openSUSE Leap: 15.5

libQt5PlatformSupport-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Network-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Core-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-debugsource: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Core5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformHeaders-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20233018-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Certificate Validation

EUVDB-ID: #VU78696

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34410

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper validation of TLS certificate chain, where application does not always consider whether the root of a chain is a configured CA certificate. A remote attacker can perform MitM attack.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

Desktop Applications Module: 15-SP5

Basesystem Module: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

SUSE Linux Enterprise Desktop 15: SP5

openSUSE Leap: 15.5

libQt5PlatformSupport-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Network-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Core-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-debugsource: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Core5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformHeaders-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20233018-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Infinite loop

EUVDB-ID: #VU78697

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38197

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when handling recursive expansions. A remote attacker can consume all available system resources and cause denial of service conditions.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

Desktop Applications Module: 15-SP5

Basesystem Module: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

SUSE Linux Enterprise Desktop 15: SP5

openSUSE Leap: 15.5

libQt5PlatformSupport-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-64bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-64bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-64bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-xdgdesktopportal: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Bootstrap-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-examples-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-32bit: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC-debuginfo: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-mysql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGLExtensions-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-unixODBC: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-platformtheme-gtk3: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-postgresql-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Network-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Core-private-headers-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Sql-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Gui5: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5: before 5.15.8+kde185-150500.4.8.1

libQt5Test-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets5: before 5.15.8+kde185-150500.4.8.1

libQt5Gui-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent-devel: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Test5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-debugsource: before 5.15.8+kde185-150500.4.8.1

libQt5Network-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5OpenGL5: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-sqlite-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Core5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Widgets-devel: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-devel: before 5.15.8+kde185-150500.4.8.1

libQt5DBus5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5: before 5.15.8+kde185-150500.4.8.1

libqt5-qtbase-common-devel: before 5.15.8+kde185-150500.4.8.1

libQt5KmsSupport-devel-static: before 5.15.8+kde185-150500.4.8.1

libQt5Core5: before 5.15.8+kde185-150500.4.8.1

libQt5PrintSupport5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Sql5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Network5: before 5.15.8+kde185-150500.4.8.1

libQt5Xml-devel: before 5.15.8+kde185-150500.4.8.1

libQt5PlatformHeaders-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5Xml5: before 5.15.8+kde185-150500.4.8.1

libQt5Core-devel: before 5.15.8+kde185-150500.4.8.1

libQt5Concurrent5-debuginfo: before 5.15.8+kde185-150500.4.8.1

libQt5DBus-devel-debuginfo: before 5.15.8+kde185-150500.4.8.1

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20233018-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###