qt6-base (core module) -- Invalid pointer in QStringConverter

2024-05-0200:00:00

vuxml.freebsd.org

qstringconverter invalid pointer

stack modification

specific codec

application vulnerability

qstringdecoder

unix

7.2 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON

Andy Shaw reports:

QStringConverter has an invalid pointer being passed as a callback
which can allow modification of the stack. Qt itself is not vulnerable
to remote attack however an application using QStringDecoder either
directly or indirectly can be vulnerable.
This requires:

the attacker be able to tell the application a specific codec to use
the attacker be able to feed the application data in a specific way to cause the desired modification
the attacker what in the stack will get modified, which requires knowing the build of the application (and not all builds will be vulnerable)
the modification do anything in particular that is useful to the attacker, besides maybe crashing the application

Qt does not automatically use any of those codecs, so this needs the application
to implement something using QStringDecoder to be vulnerable.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchqt6-base= 6.5.0UNKNOWN
FreeBSDanynoarchqt6-base<= 6.5.5UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	qt6-base	= 6.5.0	UNKNOWN
FreeBSD	any	noarch	qt6-base	<= 6.5.5	UNKNOWN

References

www.qt.io/blog/security-advisory-qstringconverter