ELSA-2025-21037

Опубликовано: 02 дек. 2025

Источник: oracle-oval

Платформа: Oracle Linux 10

Описание

ELSA-2025-21037: qt6-qtsvg security update (IMPORTANT)

[6.9.1-2.1]

Fix CVE-2025-10729: Prevent dangling pointers in SVG group node creation Resolves: RHEL-119699

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

qt6-qtsvg

6.9.1-2.el10_1.1

qt6-qtsvg-devel

6.9.1-2.el10_1.1

qt6-qtsvg-examples

6.9.1-2.el10_1.1

Oracle Linux x86_64

qt6-qtsvg

6.9.1-2.el10_1.1

qt6-qtsvg-devel

6.9.1-2.el10_1.1

qt6-qtsvg-examples

6.9.1-2.el10_1.1

Связанные CVE

CVE-2025-10729

Ссылки на источники

Связанные уязвимости

CVE-2025-10729

ubuntu

4 месяца назад

The module will parse a <pattern> node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free.

CVE-2025-10729

nvd

4 месяца назад

The module will parse a <pattern> node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free.

CVE-2025-10729

CVSS3: 9.3

msrc

4 месяца назад

Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG

CVE-2025-10729

debian

4 месяца назад

The module will parse a <pattern> node which is not a child of a struc ...

RLSA-2025:21037

rocky

3 месяца назад

Important: qt6-qtsvg security update