CVE-2020-24742

NameCVE-2020-24742
DescriptionAn issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-4617-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
qtbase-opensource-src (PTS)bullseye5.15.2+dfsg-9+deb11u1fixed
bookworm5.15.8+dfsg-11+deb12u3fixed
trixie5.15.15+dfsg-5fixed
sid5.15.15+dfsg-6fixed
qtbase-opensource-src-gles (PTS)bullseye5.15.2+dfsg-4fixed
bookworm5.15.8+dfsg-3fixed
sid, trixie5.15.15+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qt4-x11source(unstable)(not affected)
qtbase-opensource-srcsourcestretch5.7.1+dfsg-3+deb9u2DSA-4617-1
qtbase-opensource-srcsourcebuster5.11.3+dfsg1-1+deb10u3DSA-4617-1
qtbase-opensource-srcsource(unstable)5.12.5+dfsg-8
qtbase-opensource-src-glessource(unstable)5.14.2+dfsg-3

Notes

- qt4-x11 <not-affected> (Vulnerable code introduced later)
https://codereview.qt-project.org/c/qt/qtbase/+/280730
Introduced in https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=3146dadb42cb36aff83a62e831b8b4f4dc1562a7 (v5.6.0-alpha1)
Fixed by: https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=bf131e8d2181b3404f5293546ed390999f760404 (v5.14.0-rc1)
Same fix as CVE-2020-0569
Search for package or bug name: Reporting problems