PT-2023-3600 · Qt Company+10 · Qt+10

Publicado

2021-09-15

·

Atualizado

2025-09-28

·

CVE-2023-33285

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions Qt versions 5.x before 5.15.14 Qt versions 6.x before 6.2.9 Qt versions 6.3.x through 6.5.x before 6.5.1
Description The issue is related to a buffer over-read in the QDnsLookup component of the Qt framework, which can be exploited by a remote attacker using a specially crafted reply from a DNS server, potentially leading to a denial of service. The exploitation involves reading beyond the valid boundaries of a data buffer.
Recommendations For Qt versions 5.x before 5.15.14, update to version 5.15.14 or later. For Qt versions 6.x before 6.2.9, update to version 6.2.9 or later. For Qt versions 6.3.x through 6.5.x before 6.5.1, update to version 6.5.1 or later.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALSA-2023:6369
ALSA-2023:6967
ALT-PU-2021-2802
ALT-PU-2021-2975
ALT-PU-2022-2186
ALT-PU-2022-2187
ALT-PU-2022-2188
ALT-PU-2022-2189
ALT-PU-2022-2190
ALT-PU-2022-2191
ALT-PU-2022-2192
ALT-PU-2022-2193
ALT-PU-2022-2194
ALT-PU-2022-2195
ALT-PU-2022-2196
ALT-PU-2022-2197
ALT-PU-2022-2198
ALT-PU-2022-2199
ALT-PU-2022-2200
ALT-PU-2022-2201
ALT-PU-2022-2202
ALT-PU-2022-2203
ALT-PU-2022-2204
ALT-PU-2022-2205
ALT-PU-2022-2206
ALT-PU-2022-2207
ALT-PU-2022-2208
ALT-PU-2022-2209
ALT-PU-2022-2210
ALT-PU-2022-2211
ALT-PU-2022-2212
ALT-PU-2022-2213
ALT-PU-2022-2214
ALT-PU-2022-2215
ALT-PU-2022-2216
ALT-PU-2022-2217
ALT-PU-2022-2218
ALT-PU-2022-2219
ALT-PU-2022-2372
ALT-PU-2022-2373
ALT-PU-2022-2374
ALT-PU-2022-2375
ALT-PU-2022-2376
ALT-PU-2022-2377
ALT-PU-2022-2378
ALT-PU-2022-2379
ALT-PU-2022-2380
ALT-PU-2022-2381
ALT-PU-2022-2382
ALT-PU-2022-2383
ALT-PU-2022-2384
ALT-PU-2022-2385
ALT-PU-2022-2386
ALT-PU-2022-2387
ALT-PU-2022-2388
ALT-PU-2022-2389
ALT-PU-2022-2390
ALT-PU-2022-2391
ALT-PU-2022-2392
ALT-PU-2022-2393
ALT-PU-2022-2394
ALT-PU-2022-2395
ALT-PU-2022-2396
ALT-PU-2022-2397
ALT-PU-2022-2398
ALT-PU-2022-2399
ALT-PU-2022-2400
ALT-PU-2022-2401
ALT-PU-2022-2402
ALT-PU-2022-2403
ALT-PU-2022-2404
ALT-PU-2022-2405
ALT-PU-2023-7215
ALT-PU-2023-7216
ALT-PU-2023-7217
ALT-PU-2023-7218
ALT-PU-2023-7219
ALT-PU-2023-7220
ALT-PU-2023-7221
ALT-PU-2023-7222
ALT-PU-2023-7223
ALT-PU-2023-7224
ALT-PU-2023-7225
ALT-PU-2023-7226
ALT-PU-2023-7227
ALT-PU-2023-7228
ALT-PU-2023-7229
ALT-PU-2023-7230
ALT-PU-2023-7231
ALT-PU-2023-7232
ALT-PU-2023-7233
ALT-PU-2023-7234
ALT-PU-2023-7235
ALT-PU-2023-7236
ALT-PU-2023-7237
ALT-PU-2023-7645
ALT-PU-2024-1120
ALT-PU-2024-12677
ALT-PU-2024-14250
ALT-PU-2024-2801
AZL-26943
BDU:2023-03876
CESA-2023_6967
CVE-2023-33285
DLA-3805-1
OESA-2023-1791
OPENSUSE-SU-2023_2982-1
OPENSUSE-SU-2023_3225-1
OPENSUSE-SU-2023_3380-1
OPENSUSE-SU-2024:13006-1
OPENSUSE-SU-2024:13380-1
RHSA-2023:6369
RHSA-2023:6967
RHSA-2023_6369
RHSA-2023_6967
SUSE-SU-2023:2971-1
SUSE-SU-2023:2982-1
SUSE-SU-2023:3018-1
SUSE-SU-2023:3207-1
SUSE-SU-2023:3225-1
SUSE-SU-2023:3380-1
SUSE-SU-2023_2971-1
SUSE-SU-2023_2982-1
SUSE-SU-2023_3018-1
SUSE-SU-2023_3207-1
SUSE-SU-2023_3225-1
USN-7780-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Qt
Red Hat
Red Os
Suse
Ubuntu