Описание
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.
A flaw was found in qt. Loading a specially crafted ICNS image file within QImage results in a crash. This flaw allows a local attacker to provide a malicious image. The vulnerability is exploited via the image loading process, leading to application termination.
Отчет
The vulnerability involves a crash triggered by a specifically crafted ICNS image file within QImage. While the attack vector is remote (AV:N) and requires no authentication (PR:N), user interaction (UI:R) is necessary to load the malicious image. This limits the ease of exploitation compared to vulnerabilities that allow for fully automated remote code execution. A crash, while disruptive, doesn’t inherently lead to arbitrary code execution or data compromise. However, a denial of service is possible, and a determined attacker could potentially exploit the crash to gain further information or potentially escalate to a more severe outcome. Given the ubiquity of Qt in various applications, a crash vulnerability warrants a Moderate rating. The lack of authentication and remote attack vector are mitigating factors, but the potential for denial of service and the wide usage of Qt contribute to the overall risk. Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-770: Allocation of Resources Without Limits or Throttling vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. The platform enforces hardening guidelines to apply the most restrictive settings required for operations, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect excessive resource usage caused by malicious activity or system misconfigurations. In the event of exploitation, process isolation ensures workloads operate in separate environments, preventing any single process from overconsuming CPU or memory and degrading system performance.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | qt6 | Fix deferred | ||
| Red Hat Enterprise Linux 6 | qt | Fix deferred | ||
| Red Hat Enterprise Linux 6 | qt3 | Fix deferred | ||
| Red Hat Enterprise Linux 7 | qt | Fix deferred | ||
| Red Hat Enterprise Linux 7 | qt3 | Fix deferred | ||
| Red Hat Enterprise Linux 8 | qt5 | Fix deferred | ||
| Red Hat Enterprise Linux 9 | qt5 | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.
When loading a specifically crafted ICNS format image file in QImage t ...
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash. This issue affects Qt from versions 6.3.0 through 6.5.9, from 6.6.0 through 6.8.4, 6.9.0. This is fixed in 6.5.10, 6.8.5 and 6.9.1.
EPSS
4.3 Medium
CVSS3