PT-2018-3710 · Qt Company+6 · Qt+6

Published

2018-08-24

·

Updated

2020-10-14

·

CVE-2018-19871

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Qt versions prior to 5.11.3
Description An issue was discovered in Qt, related to the QTgaFile component, which is associated with an error in the resource consumption control mechanism. This issue allows a remote attacker to cause a denial of service.
Recommendations For Qt versions prior to 5.11.3, update to version 5.11.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the QTgaFile component to minimize the risk of exploitation.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2020:1665
ALT-PU-2018-2887
ALT-PU-2018-2888
ALT-PU-2018-2889
ALT-PU-2018-2890
ALT-PU-2018-2891
ALT-PU-2018-2892
ALT-PU-2018-2893
ALT-PU-2018-2894
ALT-PU-2018-2895
ALT-PU-2018-2896
ALT-PU-2018-2897
ALT-PU-2018-2898
ALT-PU-2018-2899
ALT-PU-2018-2900
ALT-PU-2018-2901
ALT-PU-2018-2902
ALT-PU-2018-2903
ALT-PU-2018-2904
ALT-PU-2018-2905
ALT-PU-2018-2906
ALT-PU-2018-2907
ALT-PU-2018-2908
ALT-PU-2018-2909
ALT-PU-2018-2910
ALT-PU-2018-2911
ALT-PU-2018-2912
ALT-PU-2018-2913
ALT-PU-2018-2914
ALT-PU-2018-2915
ALT-PU-2018-2916
ALT-PU-2018-2917
ALT-PU-2019-2558
ALT-PU-2019-2583
BDU:2021-03457
CESA-2019_2135
CESA-2020_1172
CESA-2020_1665
CVE-2018-19871
DLA-1786-1
DLA-2377-1
MGASA-2020-0204
OPENSUSE-SU-2019:1115-1
OPENSUSE-SU-2019_1115-1
RHSA-2019:2135
RHSA-2019_2135
RHSA-2020:1172
RHSA-2020:1665
RHSA-2020_1172
RHSA-2020_1665
RLSA-2020:1665
SUSE-SU-2019:0705-1
SUSE-SU-2019_0705-1
SUSE-SU-2020:2923-1
SUSE-SU-2020_2923-1

Affected Products

Alt Linux
Almalinux
Centos
Qt
Red Hat
Rocky Linux
Suse