CVE-2019-18281 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Qtbase

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents7 sources

Severity

4.3MEDIUMNVD

OSV5.5

EPSS

1.7%

top 17.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

QT Qtbase Debian Qtbase-opensource-src Debian Qtbase-opensource-src-gles +1 more

Timeline

PublishedOct 23

Latest updateMay 24

Description

An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

▶NVDqt/qtbase5.12.0 — 5.12.5+1

▶debiandebian/qtbase-opensource-src< qtbase-opensource-src 5.12.5+dfsg-2 (bookworm)

▶debiandebian/qtbase-opensource-src-gles< qtbase-opensource-src 5.12.5+dfsg-2 (bookworm)

Also affects: Debian Linux 10.0, 9.0

Patches

Patch: codereview.qt-project.org ↗Patch: codereview.qt-project.org ↗

🔴Vulnerability Details

GHSA

GHSA-92xj-745q-j6qr: An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine↗2022-05-24

▶

OSV

qtbase-opensource-src vulnerabilities↗2020-02-10

▶

OSV

CVE-2019-18281: An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine↗2019-10-23

▶

📋Vendor Advisories

Ubuntu

Qt vulnerabilities↗2020-02-10

▶

Red Hat

qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp↗2019-10-23

▶

Debian

CVE-2019-18281: qtbase-opensource-src - An out-of-bounds memory access in the generateDirectionalRuns() function in qtex...↗2019

▶

💬Community

Bugzilla

CVE-2019-18281 qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp [epel-6]↗2019-10-23

▶

Bugzilla

CVE-2019-18281 mingw-qt5-qtbase: qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp [epel-7]↗2019-10-23

▶

Bugzilla

CVE-2019-18281 qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp↗2019-10-23

▶

Bugzilla

CVE-2019-18281 qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp [fedora-all]↗2019-10-23

▶

Bugzilla

CVE-2019-18281 mingw-qt5-qtbase: qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp [fedora-all]↗2019-10-23

▶