talosblog | Kri Dontje | TALOSBLOG:01B20F4A55E8AA532378831C06BDC3E2
Jan 13, 2023 - 4:58 p.m.

Vulnerability Spotlight: Integer and buffer overflow vulnerabilities found in QT QML

2023-01-13 16:58:03
Kri Dontje
blog.talosintelligence.com
9

CVSS3: 8.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS: 0.003 Low
Percentile: 65.3%

Emma Reuter and Theo Morales of ASIG and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities.

Cisco ASIG and Cisco Talos recently discovered code execution vulnerabilities in Qt QML.

Qt is a popular software suite primarily used to create graphical user interfaces. It also contains several supporting libraries which all aim to enable cross-platform application development with a unified programming API.

Qt has responded to vulnerability notifications with this statement: "We have analyzed your report, and our evaluation is that this is not a security issue, even though it is a real bug. Qt's QML and JavaScript support is explicitly not designed for untrusted content… Each application that is passing untrusted input to QtQml needs to have an advisory instead and must thoroughly check their inputs."

This advisory concerns:

TALOS-2022-1617 (CVE-2022-40983), in which JavaScript code can trigger an integer overflow during memory allocation, which can lead to arbitrary code execution. A target application would need to access a malicious web page to trigger this vulnerability.

Secondarily, TALOS-2022-1650 (CVE-2022-43591) can involve an out-of-bounds memory access, leading to arbitrary code execution.
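The bug class named for TALOS-2022-1617, an integer overflow while computing an allocation size, shown next to a checked form. This is an added C example, not Qt's code and not taken from the advisory; the header size, element size and function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define HEADER_BYTES 16u /* hypothetical per-array header size */
#define ELEM_BYTES    8u /* hypothetical size of one array element */

/* Unchecked pattern: 32-bit arithmetic wraps silently, so a very large
 * script-supplied element count produces a very small byte size. */
uint32_t alloc_size_unchecked(uint32_t count)
{
    return HEADER_BYTES + count * ELEM_BYTES;
}

/* Checked form: refuse any count whose byte size does not fit in 32 bits. */
bool alloc_size_checked(uint32_t count, uint32_t *out)
{
    if (count > (UINT32_MAX - HEADER_BYTES) / ELEM_BYTES)
        return false;
    *out = HEADER_BYTES + count * ELEM_BYTES;
    return true;
}

/* True when a buffer of `size` bytes cannot hold `count` elements plus the
 * header; computed in 64 bits so this check itself cannot wrap. */
bool undersized(uint32_t count, uint32_t size)
{
    return (uint64_t)HEADER_BYTES + (uint64_t)count * ELEM_BYTES > size;
}

int main(void)
{
    uint32_t count = 0x20000000u; /* constructed input: 2^29 elements */
    uint32_t naive = alloc_size_unchecked(count);
    uint32_t safe = 0;

    printf("unchecked size: %u bytes, undersized: %d\n",
           (unsigned)naive, undersized(count, naive));
    printf("checked form accepts count: %d\n",
           alloc_size_checked(count, &safe));
    return 0;
}
```

Later writes that trust the element count rather than the allocated size are what turn the wrapped size into out-of-bounds memory access.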

Cisco Talos believes these are potential security issues and notified Qt of them, in adherence to Cisco's vulnerability disclosure policy.

Users are encouraged to update this affected product as soon as possible: Qt Project Qt 6.3.2. Talos tested and confirmed this version of Qt could be exploited by this vulnerability.

The following Snort rules will detect exploitation attempts against this vulnerability: 60690-60691 and 60912-60913. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
