Bugzilla – Bug 921999
VUL-1: CVE-2015-0295: libqt5-qtbase,libqt4,qt: division by zero when processing malformed BMP files
Last modified: 2019-11-05 15:37:48 UTC
Created attachment 626595 [details] repro image from https://bugreports.qt.io/browse/QTBUG-44547 Via maintenance request from openSUSE maintainer When opening specially crafted BMP (originally has it's compression type set to 0 (none), but was changed to 3 (bitfield) with a hex editor) as a QImage, the application crashes with SIGFPE. Can be tested in Qt Creator (attach as resource) or other applications using QImage. Image attached. No impact beyond DoS. Rated low. https://bugreports.qt.io/browse/QTBUG-44547 All SLE versions seem to be affected (checked code) References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0295 https://bugreports.qt.io/browse/QTBUG-44547
bugbot adjusting priority
openSUSE-SU-2015:0573-1: An update that fixes 5 vulnerabilities is now available. Category: security (moderate) Bug References: 875470,883374,902670,905742,921999 CVE References: CVE-2014-0190,CVE-2014-3494,CVE-2014-8483,CVE-2014-8600,CVE-2015-0295 Sources used: openSUSE 13.1 (src): kdebase4-runtime-4.11.5-482.6, kdelibs4-4.11.5-488.2, kdelibs4-apidocs-4.11.5-488.3, konversation-1.5.1-3.4.3, kwebkitpart-1.3.3-2.4.1, libqt4-4.8.5-5.17.1, libqt4-devel-doc-4.8.5-5.17.2, libqt4-sql-plugins-4.8.5-5.17.1
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-05-04. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/61570
submitted the fix to openSUSE:Factory
bug 921999, bug 927806, bug 927807, bug 927808 affect libqt5-qtbase on SLE 12. Assigning to maintainer for submission.
SUSE-SU-2015:0977-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 921999,927806,927807,927808 CVE References: CVE-2015-0295,CVE-2015-1858,CVE-2015-1859,CVE-2015-1860 Sources used: SUSE Linux Enterprise Software Development Kit 11 SP3 (src): libqt4-4.6.3-5.34.2, libqt4-devel-doc-4.6.3-5.34.2, libqt4-devel-doc-data-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2 SUSE Linux Enterprise Server 11 SP3 for VMware (src): libqt4-4.6.3-5.34.2, libqt4-devel-doc-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2 SUSE Linux Enterprise Server 11 SP3 (src): libqt4-4.6.3-5.34.2, libqt4-devel-doc-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2 SUSE Linux Enterprise Desktop 11 SP3 (src): libqt4-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2
L3 is closed since bsc#936523 is opened for the PTF request Ya Dan Fan
SUSE-SU-2015:1359-1: An update that solves four vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 847880,921999,927806,927807,927808,929688 CVE References: CVE-2015-0295,CVE-2015-1858,CVE-2015-1859,CVE-2015-1860 Sources used: SUSE Linux Enterprise Workstation Extension 12 (src): libqt4-4.8.6-4.2, libqt4-sql-plugins-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12 (src): libqt4-4.8.6-4.2, libqt4-devel-doc-4.8.6-4.6, libqt4-sql-plugins-4.8.6-4.1 SUSE Linux Enterprise Server 12 (src): libqt4-4.8.6-4.2, libqt4-devel-doc-4.8.6-4.6, libqt4-sql-plugins-4.8.6-4.1 SUSE Linux Enterprise Desktop 12 (src): libqt4-4.8.6-4.2, libqt4-sql-plugins-4.8.6-4.1
SUSE-SU-2015:1383-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 870151,921999,927806,927807,927808 CVE References: CVE-2015-0295,CVE-2015-1858,CVE-2015-1859,CVE-2015-1860 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): libqt5-qtbase-5.3.1-4.4.2 SUSE Linux Enterprise Server 12 (src): libqt5-qtbase-5.3.1-4.4.2 SUSE Linux Enterprise Desktop 12 (src): libqt5-qtbase-5.3.1-4.4.2
released