Bug 1118597 (CVE-2018-19870) - VUL-1: CVE-2018-19870: libqt5-qtbase: Check for QImage allocation failure in qgifhandler
Summary: VUL-1: CVE-2018-19870: libqt5-qtbase: Check for QImage allocation failure in ...
Status: RESOLVED FIXED
Alias: CVE-2018-19870
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/220282/
Whiteboard: CVSSv3:SUSE:CVE-2018-19870:4.0:(AV:L/...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-12-06 08:38 UTC by Alexander Bergmann
Modified: 2024-05-07 09:28 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2018-12-06 08:38:17 UTC 
CVE-2018-19870, Qt Base: Check for QImage allocation failure in qgifhandler

Check for QImage allocation failure in qgifhandler

Since image files easily can be (or corrupt files claim to be) huge,
it is worth checking for out of memory situations.

Change-Id: I635a3ec6852288079fdec4e14cf7e776fe59e9e0
Reviewed-by: Lars Knoll <lars.knoll@qt.io>

Upstream fix:
https://codereview.qt-project.org/#/c/235998/
Comment 1 Alexander Bergmann 2018-12-06 16:20:53 UTC 
Affected code moved quite a lot:

11sp1: libqt4(4.6.3): src/plugins/imageformats/gif/qgifhandler.cpp
11sp3: libqt4(4.6.3): src/plugins/imageformats/gif/qgifhandler.cpp
12: libqt4(4.8.7): src/gui/image/qgifhandler.cpp

12: libqt5-qtbase(5.3.1): src/gui/image/qgifhandler.cpp
12sp2: libqt5-qtbase(5.6.1): src/gui/image/qgifhandler.cpp
12sp3: libqt5-qtbase(5.6.2): src/gui/image/qgifhandler.cpp
15: libqt5-qtbase(5.9.4): src/plugins/imageformats/gif/qgifhandler.cpp
Comment 2 Fabian Vogt 2019-03-19 16:25:52 UTC 
I submitted the fix to Qt 5.9.4 in 15: isr#187470

Qt 5.9.7 in 15 SP1 contains the fix already.
Comment 10 Max Lin 2019-04-01 08:08:11 UTC 
MR got accepted, re-assigning back.
Comment 11 Swamp Workflow Management 2019-04-10 19:09:32 UTC 
SUSE-SU-2019:0927-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1108889,1118597,1129662,1130246
CVE References: CVE-2018-19870,CVE-2018-19872
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    libqt5-qtbase-5.9.4-8.18.2
SUSE Linux Enterprise Module for Desktop Applications 15 (src):    libqt5-qtbase-5.9.4-8.18.2
SUSE Linux Enterprise Module for Basesystem 15 (src):    libqt5-qtbase-5.9.4-8.18.2

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 12 Swamp Workflow Management 2019-04-18 19:09:04 UTC 
openSUSE-SU-2019:1239-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1108889,1118597,1129662,1130246
CVE References: CVE-2018-19870,CVE-2018-19872
Sources used:
openSUSE Leap 15.0 (src):    libqt5-qtbase-5.9.4-lp150.11.1
Comment 16 Swamp Workflow Management 2020-02-04 17:15:01 UTC 
SUSE-SU-2020:0319-1: An update that fixes three vulnerabilities is now available.

Category: security (important)
Bug References: 1118597,1130246,1161167
CVE References: CVE-2018-19870,CVE-2018-19872,CVE-2020-0569
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    libqt5-qtbase-5.5.1-8.10.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    libqt5-qtbase-5.5.1-8.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2020-02-04 17:16:52 UTC 
SUSE-SU-2020:0317-1: An update that fixes three vulnerabilities is now available.

Category: security (important)
Bug References: 1118597,1130246,1161167
CVE References: CVE-2018-19870,CVE-2018-19872,CVE-2020-0569
Sources used:
SUSE OpenStack Cloud 8 (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Server 12-SP5 (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Server 12-SP4 (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    libqt5-qtbase-5.6.2-6.22.1
SUSE Enterprise Storage 5 (src):    libqt5-qtbase-5.6.2-6.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2020-02-04 17:17:50 UTC 
SUSE-SU-2020:0318-1: An update that fixes three vulnerabilities is now available.

Category: security (important)
Bug References: 1118597,1130246,1161167
CVE References: CVE-2018-19870,CVE-2018-19872,CVE-2020-0569
Sources used:
SUSE OpenStack Cloud 7 (src):    libqt5-qtbase-5.6.1-17.13.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    libqt5-qtbase-5.6.1-17.13.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    libqt5-qtbase-5.6.1-17.13.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    libqt5-qtbase-5.6.1-17.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Thomas Leroy 2024-05-07 09:28:47 UTC 
All done, closing.