Описание
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qtbase-opensource-src | fixed | 5.11.3+dfsg-1 | experimental | package |
| qtbase-opensource-src | fixed | 5.11.3+dfsg-2 | package | |
| qt4-x11 | fixed | 4:4.8.7+dfsg-18 | package |
Примечания
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
https://codereview.qt-project.org/#/c/235998/
affected code can be in src/gui/image/qgifhandler.cpp or in
src/plugins/imageformats/gif/qgifhandler.cpp depending on the version
https://github.com/qt/qtbase/commit/2841e2b61e32f26900bde987d469c8b97ea31999
EPSS
Связанные уязвимости
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
Уязвимость функции QGifHandler кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании
EPSS