CVE-2021-3481

NameCVE-2021-3481
DescriptionA flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-2885-1, DLA-2895-1, DLA-3539-1, ELA-543-1, ELA-554-1
Debian Bugs986798

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
qt4-x11 (PTS)jessie, jessie (lts)4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u5fixed
stretch (security)4:4.8.7+dfsg-11+deb9u3fixed
stretch (lts), stretch4:4.8.7+dfsg-11+deb9u4fixed
buster4:4.8.7+dfsg-18+deb10u1vulnerable
buster (security)4:4.8.7+dfsg-18+deb10u2fixed
qtsvg-opensource-src (PTS)jessie, jessie (lts)5.3.2-2+deb8u1fixed
stretch (security), stretch (lts), stretch5.7.1~20161021-2.1+deb9u1fixed
buster5.11.3-2vulnerable
bullseye5.15.2-3fixed
bookworm5.15.8-3fixed
sid, trixie5.15.10-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qt4-x11sourcejessie4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u4ELA-554-1
qt4-x11sourcestretch4:4.8.7+dfsg-11+deb9u3DLA-2895-1
qt4-x11sourcebuster4:4.8.7+dfsg-18+deb10u2DLA-3539-1
qt4-x11source(unstable)(unfixed)
qtsvg-opensource-srcsourcejessie5.3.2-2+deb8u1ELA-543-1
qtsvg-opensource-srcsourcestretch5.7.1~20161021-2.1+deb9u1DLA-2885-1
qtsvg-opensource-srcsource(unstable)5.15.2-3986798

Notes

[buster] - qtsvg-opensource-src <no-dsa> (Minor issue)
https://bugzilla.redhat.com/show_bug.cgi?id=1931444
https://bugreports.qt.io/browse/QTBUG-91507
https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=bfd6ee0d8cf34b63d32adf10ed93daa0086b359f (qt/qtsvg/dev)
https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=0fa522904d65b73d48d5fadf690131e9ebb58d2a (qt/qtsvg/6.0)
https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=9f7ccbfc68d20d0dc2ddc1e7dee5572dcf7dcd48 (qt/qtsvg/6.1)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31668
https://codereview.qt-project.org/c/qt/qtsvg/+/337587

Search for package or bug name: Reporting problems