PT-2023-2558 · Qt Company+5 · Qt+5

Andy Shaw

·

Publicado

2023-02-20

·

Atualizado

2025-09-28

·

CVE-2023-24607

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Qt versions 5.x through 5.15.12 Qt versions 6.x through 6.2.7 Qt versions 6.3.x through 6.4.2
Description The issue is related to the incorrect cleanup or release of resources in the SQL ODBC plugin of the Qt framework. This can be exploited by a remote attacker to cause a denial of service using specially crafted data. The vulnerability is triggered when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4.
Recommendations For Qt versions 5.x through 5.15.12, update to version 5.15.13 or later. For Qt versions 6.x through 6.2.7, update to version 6.2.8 or later. For Qt versions 6.3.x through 6.4.2, update to version 6.4.3 or later.

Correção

RCE

Improper Resource Release

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-404

Identificadores relacionados

ALT-PU-2023-1506
ALT-PU-2023-1574
ALT-PU-2023-7215
ALT-PU-2023-7216
ALT-PU-2023-7217
ALT-PU-2023-7218
ALT-PU-2023-7219
ALT-PU-2023-7220
ALT-PU-2023-7221
ALT-PU-2023-7222
ALT-PU-2023-7223
ALT-PU-2023-7224
ALT-PU-2023-7225
ALT-PU-2023-7226
ALT-PU-2023-7227
ALT-PU-2023-7228
ALT-PU-2023-7229
ALT-PU-2023-7230
ALT-PU-2023-7231
ALT-PU-2023-7232
ALT-PU-2023-7233
ALT-PU-2023-7234
ALT-PU-2023-7235
ALT-PU-2023-7236
ALT-PU-2023-7237
ALT-PU-2023-7645
ALT-PU-2024-1120
ALT-PU-2024-2801
ALT-PU-2024-6295
ALT-PU-2024-6297
ALT-PU-2024-6298
ALT-PU-2024-6299
ALT-PU-2024-6300
ALT-PU-2024-6301
ALT-PU-2024-6302
ALT-PU-2024-6303
ALT-PU-2024-6304
ALT-PU-2024-6305
ALT-PU-2024-6306
ALT-PU-2024-6307
ALT-PU-2024-6308
ALT-PU-2024-6309
ALT-PU-2024-6310
ALT-PU-2024-6311
ALT-PU-2024-6312
ALT-PU-2024-6313
ALT-PU-2024-6314
ALT-PU-2024-6315
ALT-PU-2024-6316
ALT-PU-2024-6317
ALT-PU-2024-6318
ALT-PU-2024-6319
ALT-PU-2024-6320
ALT-PU-2024-6321
ALT-PU-2024-6322
ALT-PU-2024-6323
ALT-PU-2024-6324
ALT-PU-2024-6325
ALT-PU-2024-6326
ALT-PU-2024-6327
ALT-PU-2024-6328
ALT-PU-2024-6329
ALT-PU-2024-6633
ALT-PU-2024-6635
ALT-PU-2024-6636
ALT-PU-2024-6637
ALT-PU-2024-6638
ALT-PU-2024-6639
ALT-PU-2024-6640
ALT-PU-2024-6641
ALT-PU-2024-6642
ALT-PU-2024-6643
ALT-PU-2024-6644
ALT-PU-2024-6645
ALT-PU-2024-6646
ALT-PU-2024-6647
ALT-PU-2024-6648
ALT-PU-2024-6649
ALT-PU-2024-6650
ALT-PU-2024-6651
ALT-PU-2024-6652
ALT-PU-2024-6653
ALT-PU-2024-6654
ALT-PU-2024-6655
ALT-PU-2024-6656
ALT-PU-2024-6657
ALT-PU-2024-6658
ALT-PU-2024-6659
ALT-PU-2024-6660
ALT-PU-2024-6661
ALT-PU-2024-6662
ALT-PU-2024-6663
ALT-PU-2024-6664
ALT-PU-2024-6665
ALT-PU-2024-6666
ALT-PU-2024-6667
AZL-26048
BDU:2023-02373
CVE-2023-24607
DLA-3805-1
MGASA-2023-0051
OESA-2023-1270
OESA-2023-1295
OESA-2023-1296
OESA-2023-1489
OESA-2023-1490
OPENSUSE-SU-2023_2982-1
OPENSUSE-SU-2023_3225-1
OPENSUSE-SU-2024:12673-1
OPENSUSE-SU-2024:12801-1
SUSE-SU-2023:1567-1
SUSE-SU-2023:2971-1
SUSE-SU-2023:2982-1
SUSE-SU-2023:3018-1
SUSE-SU-2023:3207-1
SUSE-SU-2023:3225-1
SUSE-SU-2023_2971-1
SUSE-SU-2023_2982-1
SUSE-SU-2023_3018-1
SUSE-SU-2023_3207-1
SUSE-SU-2023_3225-1
USN-7780-1

Produtos afetados

Alt Linux
Astra Linux
Linuxmint
Qt
Suse
Ubuntu