SUSE: libqt4 Important Denial of Service and Buffer Overflow 2025:02968-1

August 25, 2025

Summary

This update for libqt4 fixes the following issues:

* CVE-2021-45930: Fixed out-of-bounds write leading to DoS (bsc#1196654)

* CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont m_unitsPerEm (bsc#1211298)

* CVE-2023-32763: Fixed buffer overflow on QTextLayout during rendering of an SVG file with an image inside (bsc#1211798)

* CVE-2023-34410: Fixed certificate validation not always considering whether the root of a chain is a configured CA certificate (bsc#1211994)

* CVE-2023-37369: Fixed buffer overflow in QXmlStreamReader (bsc#1214327)

* CVE-2023-38197: Fixed infinite loops in QXmlStreamReader (bsc#1213326)

* CVE-2025-5455: Fixed denial of service when qDecodeDataUrl() is called with malformed data and assertions are enabled (bsc#1245609)

## Patch Instructions:

References

* bsc#1196654

* bsc#1211298

* bsc#1211798

* bsc#1211994

* bsc#1213326

* bsc#1214327

* bsc#1245609

* bsc#357727

* bsc#552218

* bsc#656144

* bsc#717127

* bsc#875470

Cross-

* CVE-2021-45930

* CVE-2023-32573

* CVE-2023-32763

* CVE-2023-34410

* CVE-2023-37369

* CVE-2023-38197

* CVE-2025-5455

CVSS scores:

* CVE-2021-45930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2021-45930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2023-32573 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

* CVE-2023-32573 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2023-32763 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity
important

Announcement ID: SUSE-SU-2025:02968-1
Release Date: 2025-08-25T06:20:49Z
Rating: important
