Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2021-38593

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).

Related bugs and status

CVE-2021-38593 (Candidate) is related to these bugs:

Bug #1950193: libqt5svg5 affected by CVE-2021-38593

		In	Importance	Status
1950193	libqt5svg5 affected by CVE-2021-38593	qtbase-opensource-src (Ubuntu)	Undecided	Fix Released
1950193	libqt5svg5 affected by CVE-2021-38593	qtbase-opensource-src (Ubuntu Focal)	Undecided	Fix Released
1950193	libqt5svg5 affected by CVE-2021-38593	qtbase-opensource-src (Ubuntu Impish)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.chromium....
MISC: https://github.com/goo...
MISC: https://github.com/qt/...
MISC: https://github.com/qt/...
MISC: https://github.com/qt/...
MISC: https://wiki.qt.io/Qt_...
MISC: https://www.qt.io/blog...
FEDORA: FEDORA-2022-54760f7fa4
FEDORA: FEDORA-2022-4131ced81a
GENTOO: GLSA-202402-03