CVE-2018-19872 — Divide By Zero in Qtbase-opensource-src

CWE-369 — Divide By Zero10 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 50.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Qtbase-opensource-src Fedoraproject Fedora Opensuse Leap +1 more

Timeline

PublishedMar 21

Latest updateMay 13

Description

An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/qtbase-opensource-src< qtbase-opensource-src 5.11.2+dfsg-3 (bookworm)

▶NVDqt/qt5.11.0

▶NVDopensuse/leap15.0

Also affects: Fedora 28, 29, 30

Patches

Patch: blog.qt.io ↗Patch: bugreports.qt.io ↗Patch: blog.qt.io ↗

🔴Vulnerability Details

GHSA

GHSA-74x6-c8f2-mfpm: An issue was discovered in Qt 5↗2022-05-13

▶

OSV

qtbase-opensource-src vulnerabilities↗2020-02-10

▶

OSV

CVE-2018-19872: An issue was discovered in Qt 5↗2019-03-21

▶

📋Vendor Advisories

Ubuntu

Qt vulnerabilities↗2020-02-10

▶

Red Hat

qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp↗2018-12-04

▶

Debian

CVE-2018-19872: qtbase-opensource-src - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by z...↗2018

▶

💬Community

Bugzilla

CVE-2018-19872 qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp↗2019-03-22

▶

Bugzilla

CVE-2018-19872 qt5: qt: malformed PPM image causing division by zero and crash in qppmhandler.cpp [fedora-all]↗2019-03-22

▶

Bugzilla

CVE-2018-19872 qt: malformed PPM image causing division by zero and crash in qppmhandler.cpp [fedora-all]↗2019-03-22

▶