Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:3056

Опубликовано: 07 мая 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt.

Security Fix(es):

  • qt: incorrect integer overflow check (CVE-2023-51714)

  • qtbase: potential buffer overflow when reading KTX images (CVE-2024-25580)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.10 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
qt5-qtbasex86_647.el8qt5-qtbase-5.15.3-7.el8.x86_64.rpm
qt5-qtbase-commonnoarch7.el8qt5-qtbase-common-5.15.3-7.el8.noarch.rpm
qt5-qtbase-develx86_647.el8qt5-qtbase-devel-5.15.3-7.el8.x86_64.rpm
qt5-qtbase-examplesx86_647.el8qt5-qtbase-examples-5.15.3-7.el8.x86_64.rpm
qt5-qtbase-guix86_647.el8qt5-qtbase-gui-5.15.3-7.el8.x86_64.rpm
qt5-qtbase-mysqlx86_647.el8qt5-qtbase-mysql-5.15.3-7.el8.x86_64.rpm
qt5-qtbase-odbcx86_647.el8qt5-qtbase-odbc-5.15.3-7.el8.x86_64.rpm
qt5-qtbase-postgresqlx86_647.el8qt5-qtbase-postgresql-5.15.3-7.el8.x86_64.rpm
qt5-qtbase-private-develx86_647.el8qt5-qtbase-private-devel-5.15.3-7.el8.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-51714
CVE-2024-25580

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2024-3056

oracle-oval
около 1 года назад

ELSA-2024-3056: qt5-qtbase security update (MODERATE)

oracle-oval логотип

ELSA-2024-2276

oracle-oval
около 1 года назад

ELSA-2024-2276: qt5-qtbase security update (MODERATE)

ubuntu логотип

CVE-2024-25580

CVSS3: 6.2
ubuntu
около 1 года назад

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.

redhat логотип

CVE-2024-25580

CVSS3: 6.2
redhat
больше 1 года назад

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.

nvd логотип

CVE-2024-25580

CVSS3: 6.2
nvd
около 1 года назад

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.