Fluid Attacks Database

Description

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	qtbase-opensource-src-gles	=5.15.10+dfsg-1 \|\| =5.15.10+dfsg-2 \|\| =5.15.10+dfsg-3 \|\| =5.15.10+dfsg-4 \|\| =5.15.10+dfsg-5 \|\| =5.15.10+dfsg-6 \|\| =5.15.12+dfsg-1 \|\| =5.15.13+dfsg-1 \|\| =5.15.13+dfsg-2 \|\| =5.15.15+dfsg-1 \|\| =5.15.15+dfsg-2 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.18+dfsg-1 \|\| =5.15.2+dfsg-4 \|\| =5.15.2+dfsg-5 \|\| =5.15.3+dfsg-1 \|\| =5.15.4+dfsg-1 \|\| =5.15.4+dfsg-2 \|\| =5.15.5+dfsg-1 \|\| =5.15.6+dfsg-1 \|\| =5.15.6+dfsg-2 \|\| =5.15.7+dfsg-1 \|\| =5.15.7+dfsg-2 \|\| =5.15.8+dfsg-1 \|\| =5.15.8+dfsg-2 \|\| =5.15.8+dfsg-3 \|\| =5.15.9+dfsg-1	-
debian 12	qt6-base	=6.10.2+dfsg-1 \|\| =6.10.2+dfsg-10 \|\| =6.10.2+dfsg-10+hurd.1 \|\| =6.10.2+dfsg-11 \|\| =6.10.2+dfsg-2 \|\| =6.10.2+dfsg-3 \|\| =6.10.2+dfsg-4 \|\| =6.10.2+dfsg-5 \|\| =6.10.2+dfsg-6 \|\| =6.10.2+dfsg-7 \|\| =6.10.2+dfsg-7+hurd.1 \|\| =6.10.2+dfsg-8 \|\| =6.10.2+dfsg-9 \|\| =6.4.2+dfsg-10 \|\| =6.4.2+dfsg-11 \|\| =6.4.2+dfsg-11~bpo11+1 \|\| =6.4.2+dfsg-12 \|\| =6.4.2+dfsg-13 \|\| =6.4.2+dfsg-14 \|\| =6.4.2+dfsg-15 \|\| =6.4.2+dfsg-16 \|\| =6.4.2+dfsg-17 \|\| =6.4.2+dfsg-18 \|\| =6.4.2+dfsg-18+loong64 \|\| =6.4.2+dfsg-19 \|\| =6.4.2+dfsg-20 \|\| =6.4.2+dfsg-21 \|\| =6.4.2+dfsg-21.1 \|\| =6.6.0+dfsg-1 \|\| =6.6.0+dfsg-2 \|\| =6.6.0+dfsg-3 \|\| =6.6.0+dfsg-4 \|\| =6.6.0+dfsg-5 \|\| =6.6.0+dfsg-6 \|\| =6.6.1+dfsg-1 \|\| =6.6.1+dfsg-2 \|\| =6.6.1+dfsg-3 \|\| =6.6.1+dfsg-4 \|\| =6.6.1+dfsg-5 \|\| =6.6.1+dfsg-6 \|\| =6.6.2+dfsg-1 \|\| =6.6.2+dfsg-10 \|\| =6.6.2+dfsg-11 \|\| =6.6.2+dfsg-12 \|\| =6.6.2+dfsg-2 \|\| =6.6.2+dfsg-3 \|\| =6.6.2+dfsg-4 \|\| =6.6.2+dfsg-5 \|\| =6.6.2+dfsg-6 \|\| =6.6.2+dfsg-7 \|\| =6.6.2+dfsg-8 \|\| =6.6.2+dfsg-9 \|\| =6.7.2+dfsg-1 \|\| =6.7.2+dfsg-2 \|\| =6.7.2+dfsg-3 \|\| =6.7.2+dfsg-4 \|\| =6.7.2+dfsg-4+m68k \|\| =6.7.2+dfsg-5 \|\| =6.7.2+dfsg-6 \|\| =6.8.2+dfsg-1 \|\| =6.8.2+dfsg-10 \|\| =6.8.2+dfsg-10.1 \|\| =6.8.2+dfsg-2 \|\| =6.8.2+dfsg-3 \|\| =6.8.2+dfsg-4 \|\| =6.8.2+dfsg-5 \|\| =6.8.2+dfsg-5+m68k \|\| =6.8.2+dfsg-6 \|\| =6.8.2+dfsg-7 \|\| =6.8.2+dfsg-8 \|\| =6.8.2+dfsg-9 \|\| =6.9.1+dfsg-1 \|\| =6.9.1+dfsg-2 \|\| =6.9.1+dfsg-3 \|\| =6.9.1+dfsg-4 \|\| =6.9.1+dfsg-5 \|\| =6.9.2+dfsg-1 \|\| =6.9.2+dfsg-2 \|\| =6.9.2+dfsg-3 \|\| =6.9.2+dfsg-4	-
debian 13	qt6-base	>=0 <6.6.2+dfsg-8	6.6.2+dfsg-8
debian 14	qt6-base	>=0 <6.6.2+dfsg-8	6.6.2+dfsg-8
debian 11	qtbase-opensource-src	=5.15.2+dfsg-9 \|\| >=0 <5.15.2+dfsg-9+deb11u1	5.15.2+dfsg-9+deb11u1
debian 12	qtbase-opensource-src	=5.15.8+dfsg-11 \|\| =5.15.8+dfsg-11+deb12u1 \|\| >=0 <5.15.8+dfsg-11+deb12u2	5.15.8+dfsg-11+deb12u2
debian 13	qtbase-opensource-src	>=0 <5.15.10+dfsg-7	5.15.10+dfsg-7
debian 14	qtbase-opensource-src	>=0 <5.15.10+dfsg-7	5.15.10+dfsg-7
debian 12	qtbase-opensource-src-gles	=5.15.10+dfsg-1 \|\| =5.15.10+dfsg-2 \|\| =5.15.10+dfsg-3 \|\| =5.15.10+dfsg-4 \|\| =5.15.10+dfsg-5 \|\| =5.15.10+dfsg-6 \|\| =5.15.12+dfsg-1 \|\| =5.15.13+dfsg-1 \|\| =5.15.13+dfsg-2 \|\| =5.15.15+dfsg-1 \|\| =5.15.15+dfsg-2 \|\| =5.15.17+dfsg-1 \|\| =5.15.17+dfsg-2 \|\| =5.15.18+dfsg-1 \|\| =5.15.8+dfsg-3 \|\| =5.15.9+dfsg-1	-
debian 13	qtbase-opensource-src-gles	>=0 <5.15.10+dfsg-5	5.15.10+dfsg-5

1-10 of 14

Aliases

1. CVE-2024-255802. NVD-2024-255803. OSV-DEBIAN-2024-255804. OSV-2024-255805. SECURITY-TRACKER-CVE-2024-25580

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.