{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-3481", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-03T16:53:17.684Z", "dateReserved": "2021-04-01T00:00:00", "datePublished": "2022-08-22T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-08-23T00:06:13.050577"}, "descriptions": [{"lang": "en", "value": "A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability."}], "affected": [{"vendor": "n/a", "product": "qt", "versions": [{"version": "Fixed in qt 5.12.11, qt 5.15.4, qt 6.0.3, qt 6.1.0RC.", "status": "affected"}]}], "references": [{"url": "https://bugreports.qt.io/browse/QTBUG-91507"}, {"url": "https://codereview.qt-project.org/c/qt/qtsvg/+/337646"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931444"}, {"url": "https://access.redhat.com/security/cve/CVE-2021-3481"}, {"name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-125 - Out-of-bounds Read", "cweId": "CWE-125"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T16:53:17.684Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugreports.qt.io/browse/QTBUG-91507", "tags": ["x_transferred"]}, {"url": "https://codereview.qt-project.org/c/qt/qtsvg/+/337646", "tags": ["x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931444", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2021-3481", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qt:qt:5.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA7FCB6B-872F-4900-A2CF-192AFECC4DFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:6.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "C0A66DBD-439D-45EA-BC80-502314D5B0AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "AC14C9CB-1965-4659-8254-17EAB448616D", "vulnerable": true}, {"criteria": "cpe:2.3:a:qt:qt:6.2.0:-:*:*:*:*:*:*", "matchCriteriaId": "2B6E9814-F9BA-4A0C-8420-DAAB4A810567", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability."}, {"lang": "es", "value": "Se ha encontrado un fallo en Qt. Se encontr\u00f3 una vulnerabilidad de lectura fuera de l\u00edmites en QRadialFetchSimd en el archivo qt/qtbase/src/gui/painting/qdrawhelper_p.h en Qt/Qtbase. Este fallo puede conllevar a un acceso no autorizado a la memoria al renderizar y mostrar un archivo Scalable Vector Graphics (SVG) dise\u00f1ado. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos y la disponibilidad de la aplicaci\u00f3n."}], "id": "CVE-2021-3481", "lastModified": "2024-11-21T06:21:38.847", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-22T15:15:13.363", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2021-3481"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugreports.qt.io/browse/QTBUG-91507"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931444"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://codereview.qt-project.org/c/qt/qtsvg/+/337646"}, {"source": "secalert@redhat.com", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2021-3481"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugreports.qt.io/browse/QTBUG-91507"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931444"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://codereview.qt-project.org/c/qt/qtsvg/+/337646"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "adwaita-qt-0:1.2.1-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "python-qt5-0:5.15.0-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qgnomeplatform-0:0.7.1-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-0:5.15.2-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qt3d-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtbase-0:5.15.2-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtcanvas3d-0:5.12.5-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtconnectivity-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtdeclarative-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtdoc-0:5.15.2-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtgraphicaleffects-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtimageformats-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtlocation-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtmultimedia-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtquickcontrols-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtquickcontrols2-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtscript-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtsensors-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtserialbus-0:5.15.2-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtserialport-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtsvg-0:5.15.2-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qttools-0:5.15.2-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qttranslations-0:5.15.2-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtwayland-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtwebchannel-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtwebsockets-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtx11extras-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "qt5-qtxmlpatterns-0:5.15.2-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4172", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "sip-0:4.19.24-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}], "bugzilla": {"description": "qt: Out of bounds read in function QRadialFetchSimd from crafted svg file", "id": "1931444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931444"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "status": "verified"}, "cwe": "CWE-125", "details": ["A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.", "A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality the application availability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2021-3481", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "qt", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "qt3", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "qt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "qt3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "qt5-qtbase", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-02-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-3481\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3481"], "threat_severity": "Moderate", "upstream_fix": "qt 5.12.11, qt 5.15.4, qt 6.0.3, qt 6.1.0RC"}