Vulnerability CVE-2018-19872: Information

Description

An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.

Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-19872
Published: March 21, 2019
Modified: Nov. 7, 2023
Error type identifier: CWE-369

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
qt4sisyphus4.8.7-alt174.8.7-alt26ALT-PU-2019-2558-1236710Fixed
qt4p104.8.7-alt174.8.7-alt23ALT-PU-2019-2558-1236710Fixed
qt4p94.8.7-alt184.8.7-alt22ALT-PU-2019-2583-1236801Fixed
qt4p84.8.7-alt7.14.8.7-alt7.1ALT-PU-2019-2659-1236719Fixed
qt4c10f14.8.7-alt174.8.7-alt23ALT-PU-2019-2558-1236710Fixed
qt4c9f24.8.7-alt184.8.7-alt20ALT-PU-2019-2583-1236801Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugreports.qt.io/browse/QTBUG-69449
  • Exploit
  • Issue Tracking
  • Patch
  • Vendor Advisory
http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
  • Patch
  • Vendor Advisory
openSUSE-SU-2019:1239
  • Mailing List
  • Third Party Advisory
USN-4275-1
    [debian-lts-announce] 20200928 [SECURITY] [DLA 2376-1] qtbase-opensource-src security update
      [debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update
        FEDORA-2019-03ac7f1d2f
          FEDORA-2019-ae913a2f00
            FEDORA-2019-b5e690b96e

                1. Configuration 1

                  cpe:2.3:a:qt:qt:5.11.0:*:*:*:*:*:*:*

                  Configuration 2

                  cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

                  Configuration 3

                  cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
                  cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
                  cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
              Version: v24.5.0
              Back to top