Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

Ubuntu 18.04 LTS USN-5081-1: Critical Qt Denial Of Service Issues

ubuntu
Calendar Grey September 16, 2021
Dist Ubuntu Esm H88
Qt libraries for Ubuntu 18.04 LTS have resolved security vulnerabilities. Updates addressing potential denial of service risks have been released.
Several security issues were fixed in Qt.

Summary

Several security issues were fixed in Qt.

Software Description:

- qtbase-opensource-src: Qt 5 libraries

Details:

It was discovered that Qt incorrectly handled certain XBM image files. If a

user or automated system were tricked into opening a specially crafted PPM

file, a remote attacker could cause Qt to crash, resulting in a denial of

service. (CVE-2020-17507)

It was discovered that Qt incorrectly handled certain graphics operations.

If a user or automated system were tricked into performing certain graphics

operations, a remote attacker could cause Qt to crash, resulting in a

denial of service. (CVE-2021-38593)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libqt5core5a                    5.9.5+dfsg-0ubuntu2.6
  libqt5gui5                      5.9.5+dfsg-0ubuntu2.6

After a standard system update you need to restart your session to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-5081-1

CVE-2020-17507, CVE-2021-38593

Severity
critical
Lowest
Low
Medium
High
Critical

September 16, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.