Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-23050

Опубликовано: 31 окт. 2025
Источник: redhat
CVSS3: 3.1

Описание

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2.

Missing length checks have been discovered in the Qt bluetooth QLowEnergyController class. An external device can send malformed Bluetooth ATT commands to trigger read past the end of the buffer and division by zero errors which may lead to a denial of service on the host device. In the central role the user has to explicitly connect to the attacking external device before the malformed commands are processed.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10qt6Fix deferred
Red Hat Enterprise Linux 6qtOut of support scope
Red Hat Enterprise Linux 6qt3Out of support scope
Red Hat Enterprise Linux 7qtOut of support scope
Red Hat Enterprise Linux 7qt3Out of support scope
Red Hat Enterprise Linux 8qt5Fix deferred
Red Hat Enterprise Linux 9qt5Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2408769qt: qt5: qt6: Qt missing length checks

3.1 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-23050

CVSS3: 3.1
ubuntu
5 месяцев назад

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2.

nvd логотип

CVE-2025-23050

CVSS3: 3.1
nvd
5 месяцев назад

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2.

debian логотип

CVE-2025-23050

CVSS3: 3.1
debian
5 месяцев назад

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ...

suse-cvrf логотип

openSUSE-SU-2025:0033-1

suse-cvrf
около 1 года назад

Security update for qt6-connectivity

github логотип

GHSA-pj6p-fx56-wq5h

CVSS3: 3.1
github
5 месяцев назад

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2.

3.1 Low

CVSS3