CVE-2020-24742

NameCVE-2020-24742
DescriptionAn issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
qt4-x11 (PTS)stretch4:4.8.7+dfsg-11fixed
stretch (security)4:4.8.7+dfsg-11+deb9u1fixed
buster4:4.8.7+dfsg-18+deb10u1fixed
qtbase-opensource-src (PTS)stretch5.7.1+dfsg-3+deb9u2fixed
stretch (security)5.7.1+dfsg-3+deb9u3fixed
buster5.11.3+dfsg1-1+deb10u4vulnerable
buster (security)5.11.3+dfsg1-1+deb10u3vulnerable
bullseye5.15.2+dfsg-9fixed
bookworm, sid5.15.2+dfsg-10fixed
qtbase-opensource-src-gles (PTS)bookworm, sid, bullseye5.15.2+dfsg-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qt4-x11source(unstable)(not affected)
qtbase-opensource-srcsourcestretch5.7.1+dfsg-3+deb9u2
qtbase-opensource-srcsource(unstable)5.12.5+dfsg-8
qtbase-opensource-src-glessource(unstable)5.14.2+dfsg-3

Notes

- qt4-x11 <not-affected> (Vulnerable code introduced later)
https://codereview.qt-project.org/c/qt/qtbase/+/280730
Introduced in https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=3146dadb42cb36aff83a62e831b8b4f4dc1562a7 (v5.6.0-alpha1)
Fixed by: https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=bf131e8d2181b3404f5293546ed390999f760404 (v5.14.0-rc1)
Same fix as CVE-2020-0569

Search for package or bug name: Reporting problems