Описание
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qtbase-opensource-src | fixed | 5.12.5+dfsg-8 | package | |
| qtbase-opensource-src | fixed | 5.11.3+dfsg1-1+deb10u3 | buster | package |
| qtbase-opensource-src | not-affected | stretch | package | |
| qtbase-opensource-src | not-affected | jessie | package |
Примечания
https://bugreports.qt.io/browse/QTBUG-81272
Patch: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=e6f1fde24f77f63fb16b2df239f82a89d2bf05dd
https://lists.qt-project.org/pipermail/development/2020-January/038534.html
Связанные уязвимости
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.