CVE-2025-23050

NameCVE-2025-23050
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1093882

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
qt6-connectivity (PTS)bookworm6.4.2-1vulnerable
trixie6.7.2-7vulnerable
sid6.7.2-8fixed
qtconnectivity-opensource-src (PTS)bullseye5.15.2-2vulnerable
bookworm5.15.8-2vulnerable
sid, trixie5.15.15-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qt6-connectivitysource(unstable)6.7.2-8
qtconnectivity-opensource-srcsource(unstable)(unfixed)1093882

Notes

[bookworm] - qt6-connectivity <no-dsa> (Minor issue)
[bookworm] - qtconnectivity-opensource-src <no-dsa> (Minor issue)
[bullseye] - qtconnectivity-opensource-src <postponed> (Minor issue; can be fixed in next update)
https://www.qt.io/blog/security-advisory-qlowenergycontroller-on-linux
https://github.com/qt/qtconnectivity/commit/aecbd657c841a2a8c74631ceac96b8ff1f03ab5c (dev)
https://download.qt.io/official_releases/qt/5.15/CVE-2025-23050-qtconnectivity-5.15.diff
Search for package or bug name: Reporting problems