Debian dla-3805 : libqt5concurrent5 - security update

critical Nessus Plugin ID 194883

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3805 advisory.

- Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3. (CVE-2023-24607)

- An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. (CVE-2023-32762)

- An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
(CVE-2023-32763)

- An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1.
QDnsLookup has a buffer over-read via a crafted reply from a DNS server. (CVE-2023-33285)

- In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. (CVE-2023-37369)

- An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3.
There are infinite loops in recursive entity expansion. (CVE-2023-38197)

- An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. (CVE-2023-51714)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libqt5concurrent5 packages.

See Also

https://security-tracker.debian.org/tracker/CVE-2023-33285

https://security-tracker.debian.org/tracker/CVE-2023-37369

https://security-tracker.debian.org/tracker/CVE-2023-38197

https://security-tracker.debian.org/tracker/CVE-2023-51714

https://packages.debian.org/source/buster/qtbase-opensource-src

http://www.nessus.org/u?daec893f

https://security-tracker.debian.org/tracker/CVE-2023-24607

https://security-tracker.debian.org/tracker/CVE-2023-32762

https://security-tracker.debian.org/tracker/CVE-2023-32763

Plugin Details

Severity: Critical

ID: 194883

File Name: debian_DLA-3805.nasl

Version: 1.0

Type: local

Agent: unix

Published: 5/1/2024

Updated: 5/1/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-51714

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:libqt5concurrent5, p-cpe:/a:debian:debian_linux:libqt5core5a, p-cpe:/a:debian:debian_linux:libqt5dbus5, p-cpe:/a:debian:debian_linux:libqt5gui5, p-cpe:/a:debian:debian_linux:libqt5network5, p-cpe:/a:debian:debian_linux:libqt5opengl5, p-cpe:/a:debian:debian_linux:libqt5opengl5-dev, p-cpe:/a:debian:debian_linux:libqt5printsupport5, p-cpe:/a:debian:debian_linux:libqt5sql5, p-cpe:/a:debian:debian_linux:libqt5sql5-ibase, p-cpe:/a:debian:debian_linux:libqt5sql5-mysql, p-cpe:/a:debian:debian_linux:libqt5sql5-odbc, p-cpe:/a:debian:debian_linux:libqt5sql5-psql, p-cpe:/a:debian:debian_linux:libqt5sql5-sqlite, p-cpe:/a:debian:debian_linux:libqt5sql5-tds, p-cpe:/a:debian:debian_linux:libqt5test5, p-cpe:/a:debian:debian_linux:libqt5widgets5, p-cpe:/a:debian:debian_linux:libqt5xml5, p-cpe:/a:debian:debian_linux:qt5-default, p-cpe:/a:debian:debian_linux:qt5-flatpak-platformtheme, p-cpe:/a:debian:debian_linux:qt5-gtk-platformtheme, p-cpe:/a:debian:debian_linux:qt5-qmake, p-cpe:/a:debian:debian_linux:qt5-qmake-bin, p-cpe:/a:debian:debian_linux:qtbase5-dev, p-cpe:/a:debian:debian_linux:qtbase5-dev-tools, p-cpe:/a:debian:debian_linux:qtbase5-doc, p-cpe:/a:debian:debian_linux:qtbase5-doc-html, p-cpe:/a:debian:debian_linux:qtbase5-examples, p-cpe:/a:debian:debian_linux:qtbase5-private-dev, cpe:/o:debian:debian_linux:10.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/1/2024

Vulnerability Publication Date: 4/15/2023

Reference Information

CVE: CVE-2023-24607, CVE-2023-32762, CVE-2023-32763, CVE-2023-33285, CVE-2023-37369, CVE-2023-38197, CVE-2023-51714