CVE-2021-3481
N/A
N/A
Summary
A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | qt | Fixed in qt 5.12.11, qt 5.15.4, qt 6.0.3, qt 6.1.0RC. | affected |
Weaknesses
- CWE-125: CWE-125 - Out-of-bounds Read
ADP Enrichment
CVE Program Container
Additional References
- https://bugreports.qt.io/browse/QTBUG-91507
- https://codereview.qt-project.org/c/qt/qtsvg/+/337646
- https://bugzilla.redhat.com/show_bug.cgi?id=1931444
- https://access.redhat.com/security/cve/CVE-2021-3481
- https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html
References
- https://bugreports.qt.io/browse/QTBUG-91507
- https://codereview.qt-project.org/c/qt/qtsvg/+/337646
- https://bugzilla.redhat.com/show_bug.cgi?id=1931444
- https://access.redhat.com/security/cve/CVE-2021-3481
- https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.