CVE-2020-24742

NameCVE-2020-24742
DescriptionAn issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-4617-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
qt4-x11 (PTS)jessie, jessie (lts)4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u5fixed
stretch (security)4:4.8.7+dfsg-11+deb9u3fixed
stretch (lts), stretch4:4.8.7+dfsg-11+deb9u4fixed
buster4:4.8.7+dfsg-18+deb10u1fixed
buster (security)4:4.8.7+dfsg-18+deb10u2fixed
qtbase-opensource-src (PTS)jessie, jessie (lts)5.3.2+dfsg-4+deb8u6fixed
stretch (security)5.7.1+dfsg-3+deb9u3fixed
stretch (lts), stretch5.7.1+dfsg-3+deb9u4fixed
buster5.11.3+dfsg1-1+deb10u5fixed
buster (security)5.11.3+dfsg1-1+deb10u6fixed
bullseye5.15.2+dfsg-9fixed
bookworm5.15.8+dfsg-11fixed
sid, trixie5.15.13+dfsg-2fixed
qtbase-opensource-src-gles (PTS)bullseye5.15.2+dfsg-4fixed
bookworm5.15.8+dfsg-3fixed
sid, trixie5.15.13+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qt4-x11source(unstable)(not affected)
qtbase-opensource-srcsourcejessie5.3.2+dfsg-4+deb8u4
qtbase-opensource-srcsourcestretch5.7.1+dfsg-3+deb9u2DSA-4617-1
qtbase-opensource-srcsourcebuster5.11.3+dfsg1-1+deb10u3DSA-4617-1
qtbase-opensource-srcsource(unstable)5.12.5+dfsg-8
qtbase-opensource-src-glessource(unstable)5.14.2+dfsg-3

Notes

- qt4-x11 <not-affected> (Vulnerable code introduced later)
https://codereview.qt-project.org/c/qt/qtbase/+/280730
Introduced in https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=3146dadb42cb36aff83a62e831b8b4f4dc1562a7 (v5.6.0-alpha1)
Fixed by: https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=bf131e8d2181b3404f5293546ed390999f760404 (v5.14.0-rc1)
Same fix as CVE-2020-0569

Search for package or bug name: Reporting problems