Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2021-38593

Published: 12 August 2021

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).

Notes

AuthorNote
leosilva
xenial/esm is not affected, code affected is not present
mdeslaur
code was introduced in:
https://github.com/qt/qtbase/commit/6869d2463a2e0d71bd04dbc82f5d6ef4933dc510
While the patch fixes code that was only introduced in 6.0, the
code in 6.0 did introduce a fix that 5.0 didn't have.

Priority

Medium

Cvss 3 Severity Score

7.5

Score breakdown

Status

Package Release Status
qtbase-opensource-src
Launchpad, Ubuntu, Debian
kinetic Not vulnerable
(5.15.2+dfsg-14)
lunar Not vulnerable
(5.15.2+dfsg-14)
upstream Needs triage

trusty Does not exist

xenial Not vulnerable
(code not present)
bionic
Released (5.9.5+dfsg-0ubuntu2.6)
hirsute Ignored
(end of life)
jammy Not vulnerable
(5.15.2+dfsg-14)
impish Ignored
(end of life)
focal
Released (5.12.8+dfsg-0ubuntu2.1)
Patches:
upstream: https://github.com/qt/qtbase/commit/1ca02cf2879a5e1511a2f2109f0925cf4c892862 (6.1)
upstream: https://github.com/qt/qtbase/commit/202143ba41f6ac574f1858214ed8bf4a38b73ccd (6.2)
upstream: https://github.com/qt/qtbase/commit/6b400e3147dcfd8cc3a393ace1bd118c93762e0c (dev)
qtbase-opensource-src-gles
Launchpad, Ubuntu, Debian
impish Ignored
(end of life)
jammy Needs triage

lunar Needs triage

trusty Does not exist

xenial Needs triage

bionic Does not exist

focal Needs triage

upstream Needs triage

hirsute Ignored
(end of life)
kinetic Ignored
(end of life, was needs-triage)

Severity score breakdown

Parameter Value
Base score 7.5
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H