安全公告/【CVE-2018-19872】

基本信息

漏洞名称:
受影响操作系统:Asianux
危险等级:中危
影响源码包:qt5-qtdoc
CVSS评分:5.5
发现日期:2023-09-02
修复日期:
修复版本:python-qt5-5.15.0-9.03 qgnomeplatform-0.7.1-2 qt5-5.15.2-1 qt5-qt3d-5.15.2-2 qt5-qtbase-5.15.2-4.0.2 qt5-qtcanvas3d-5.12.5-3.0.1.01 qt5-qtconnectivity-5.15.2-2 qt5-qtdeclarative-5.15.2-2 qt5-qtdoc-5.15.2-1 qt5-qtgraphicaleffects-5.15.2-2 qt5-qtimageformats-5.15.2-2 qt5-qtlocation-5.15.2-2 qt5-qtmultimedia-5.15.2-2 qt5-qtquickcontrols-5.15.2-2 qt5-qtquickcontrols2-5.15.2-2 qt5-qtscript-5.15.1-1.01 qt5-qtsensors-5.15.2-2 qt5-qtserialbus-5.15.2-3 qt5-qtserialport-5.15.2-2 qt5-qtsvg-5.15.2-4 qt5-qttools-5.15.2-4.0.1 qt5-qttranslations-5.15.2-1.01 qt5-qtwayland-5.15.2-3.0.1 qt5-qtwebchannel-5.15.2-2 qt5-qtwebsockets-5.15.2-2 qt5-qtx11extras-5.15.2-2 qt5-qtxmlpatterns-5.15.2-2 sip-4.19.24-2.01

漏洞描述

An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.

漏洞判定

执行命令yum info PackageName获取软件包版本号,版本小于修复版本,则受此漏洞影响,版本大于等于修复版本,则此漏洞已修复

修复方式

yum update PackageName

补丁

参考

https://access.redhat.com/security/cve/CVE-2018-19872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19872
https://nvd.nist.gov/vuln/detail/CVE-2018-19872