SUSE update for libqt5-qtbase

Published: 2023-07-26

Risk	Medium
Patch available	YES
Number of vulnerabilities	4
CVE-ID	CVE-2023-24607 CVE-2023-33285 CVE-2023-34410 CVE-2023-38197
CWE-ID	CWE-20 CWE-125 CWE-295 CWE-835
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	SUSE Linux Enterprise Software Development Kit 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server 12 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 12 Operating systems & Components / Operating system libQt5OpenGL5-debuginfo Operating systems & Components / Operating system package or component libQt5Widgets5-debuginfo Operating systems & Components / Operating system package or component libQt5PrintSupport5 Operating systems & Components / Operating system package or component libQt5Concurrent5 Operating systems & Components / Operating system package or component libQt5OpenGL5 Operating systems & Components / Operating system package or component libQt5Core5 Operating systems & Components / Operating system package or component libQt5DBus5 Operating systems & Components / Operating system package or component libQt5Sql5-postgresql Operating systems & Components / Operating system package or component libQt5Network5 Operating systems & Components / Operating system package or component libQt5PrintSupport5-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5-unixODBC Operating systems & Components / Operating system package or component libQt5Test5 Operating systems & Components / Operating system package or component libQt5Concurrent5-debuginfo Operating systems & Components / Operating system package or component libQt5Gui5 Operating systems & Components / Operating system package or component libQt5Xml5-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5-mysql-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5-postgresql-debuginfo Operating systems & Components / Operating system package or component libQt5Core5-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5 Operating systems & Components / Operating system package or component libQt5DBus5-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5-debuginfo Operating systems & Components / Operating system package or component libQt5Xml5 Operating systems & Components / Operating system package or component libQt5Gui5-debuginfo Operating systems & Components / Operating system package or component libQt5Widgets5 Operating systems & Components / Operating system package or component libQt5Test5-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5-mysql Operating systems & Components / Operating system package or component libQt5Sql5-unixODBC-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5-sqlite-debuginfo Operating systems & Components / Operating system package or component libQt5Sql5-sqlite Operating systems & Components / Operating system package or component libQt5Network5-debuginfo Operating systems & Components / Operating system package or component libQt5OpenGL-private-headers-devel Operating systems & Components / Operating system package or component libQt5Sql-private-headers-devel Operating systems & Components / Operating system package or component libQt5PrintSupport-private-headers-devel Operating systems & Components / Operating system package or component libQt5PlatformSupport-private-headers-devel Operating systems & Components / Operating system package or component libQt5Core-private-headers-devel Operating systems & Components / Operating system package or component libqt5-qtbase-private-headers-devel Operating systems & Components / Operating system package or component libQt5Widgets-private-headers-devel Operating systems & Components / Operating system package or component libQt5Gui-private-headers-devel Operating systems & Components / Operating system package or component libQt5Test-private-headers-devel Operating systems & Components / Operating system package or component libQt5DBus-private-headers-devel Operating systems & Components / Operating system package or component libQt5Network-private-headers-devel Operating systems & Components / Operating system package or component libQt5DBus-devel Operating systems & Components / Operating system package or component libQt5OpenGLExtensions-devel-static Operating systems & Components / Operating system package or component libQt5Core-devel Operating systems & Components / Operating system package or component libQt5PrintSupport-devel Operating systems & Components / Operating system package or component libQt5Test-devel Operating systems & Components / Operating system package or component libqt5-qtbase-debugsource Operating systems & Components / Operating system package or component libqt5-qtbase-common-devel Operating systems & Components / Operating system package or component libQt5Sql-devel Operating systems & Components / Operating system package or component libqt5-qtbase-common-devel-debuginfo Operating systems & Components / Operating system package or component libQt5DBus-devel-debuginfo Operating systems & Components / Operating system package or component libqt5-qtbase-devel Operating systems & Components / Operating system package or component libQt5OpenGL-devel Operating systems & Components / Operating system package or component libQt5Xml-devel Operating systems & Components / Operating system package or component libQt5Widgets-devel Operating systems & Components / Operating system package or component libQt5Gui-devel Operating systems & Components / Operating system package or component libQt5Bootstrap-devel-static Operating systems & Components / Operating system package or component libQt5PlatformSupport-devel-static Operating systems & Components / Operating system package or component libQt5PlatformHeaders-devel Operating systems & Components / Operating system package or component libQt5Concurrent-devel Operating systems & Components / Operating system package or component libQt5Network-devel Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU74061

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-24607

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the Qt SQL ODBC driver plugin. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Software Development Kit 12: SP5

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

libQt5OpenGL5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5-debuginfo: before 5.6.2-6.36.1

libQt5PrintSupport5: before 5.6.2-6.36.1

libQt5Concurrent5: before 5.6.2-6.36.1

libQt5OpenGL5: before 5.6.2-6.36.1

libQt5Core5: before 5.6.2-6.36.1

libQt5DBus5: before 5.6.2-6.36.1

libQt5Sql5-postgresql: before 5.6.2-6.36.1

libQt5Network5: before 5.6.2-6.36.1

libQt5PrintSupport5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-unixODBC: before 5.6.2-6.36.1

libQt5Test5: before 5.6.2-6.36.1

libQt5Concurrent5-debuginfo: before 5.6.2-6.36.1

libQt5Gui5: before 5.6.2-6.36.1

libQt5Xml5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-postgresql-debuginfo: before 5.6.2-6.36.1

libQt5Core5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5: before 5.6.2-6.36.1

libQt5DBus5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-debuginfo: before 5.6.2-6.36.1

libQt5Xml5: before 5.6.2-6.36.1

libQt5Gui5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5: before 5.6.2-6.36.1

libQt5Test5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql: before 5.6.2-6.36.1

libQt5Sql5-unixODBC-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite: before 5.6.2-6.36.1

libQt5Network5-debuginfo: before 5.6.2-6.36.1

libQt5OpenGL-private-headers-devel: before 5.6.2-6.36.1

libQt5Sql-private-headers-devel: before 5.6.2-6.36.1

libQt5PrintSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5PlatformSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5Core-private-headers-devel: before 5.6.2-6.36.1

libqt5-qtbase-private-headers-devel: before 5.6.2-6.36.1

libQt5Widgets-private-headers-devel: before 5.6.2-6.36.1

libQt5Gui-private-headers-devel: before 5.6.2-6.36.1

libQt5Test-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-private-headers-devel: before 5.6.2-6.36.1

libQt5Network-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-devel: before 5.6.2-6.36.1

libQt5OpenGLExtensions-devel-static: before 5.6.2-6.36.1

libQt5Core-devel: before 5.6.2-6.36.1

libQt5PrintSupport-devel: before 5.6.2-6.36.1

libQt5Test-devel: before 5.6.2-6.36.1

libqt5-qtbase-debugsource: before 5.6.2-6.36.1

libqt5-qtbase-common-devel: before 5.6.2-6.36.1

libQt5Sql-devel: before 5.6.2-6.36.1

libqt5-qtbase-common-devel-debuginfo: before 5.6.2-6.36.1

libQt5DBus-devel-debuginfo: before 5.6.2-6.36.1

libqt5-qtbase-devel: before 5.6.2-6.36.1

libQt5OpenGL-devel: before 5.6.2-6.36.1

libQt5Xml-devel: before 5.6.2-6.36.1

libQt5Widgets-devel: before 5.6.2-6.36.1

libQt5Gui-devel: before 5.6.2-6.36.1

libQt5Bootstrap-devel-static: before 5.6.2-6.36.1

libQt5PlatformSupport-devel-static: before 5.6.2-6.36.1

libQt5PlatformHeaders-devel: before 5.6.2-6.36.1

libQt5Concurrent-devel: before 5.6.2-6.36.1

libQt5Network-devel: before 5.6.2-6.36.1

CPE2.3

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232971-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU76667

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-33285

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to buffer over-read via a crafted reply from a DNS server within the QDnsLookup() function in src/network/kernel/qdnslookup_unix.cpp. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Software Development Kit 12: SP5

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

libQt5OpenGL5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5-debuginfo: before 5.6.2-6.36.1

libQt5PrintSupport5: before 5.6.2-6.36.1

libQt5Concurrent5: before 5.6.2-6.36.1

libQt5OpenGL5: before 5.6.2-6.36.1

libQt5Core5: before 5.6.2-6.36.1

libQt5DBus5: before 5.6.2-6.36.1

libQt5Sql5-postgresql: before 5.6.2-6.36.1

libQt5Network5: before 5.6.2-6.36.1

libQt5PrintSupport5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-unixODBC: before 5.6.2-6.36.1

libQt5Test5: before 5.6.2-6.36.1

libQt5Concurrent5-debuginfo: before 5.6.2-6.36.1

libQt5Gui5: before 5.6.2-6.36.1

libQt5Xml5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-postgresql-debuginfo: before 5.6.2-6.36.1

libQt5Core5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5: before 5.6.2-6.36.1

libQt5DBus5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-debuginfo: before 5.6.2-6.36.1

libQt5Xml5: before 5.6.2-6.36.1

libQt5Gui5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5: before 5.6.2-6.36.1

libQt5Test5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql: before 5.6.2-6.36.1

libQt5Sql5-unixODBC-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite: before 5.6.2-6.36.1

libQt5Network5-debuginfo: before 5.6.2-6.36.1

libQt5OpenGL-private-headers-devel: before 5.6.2-6.36.1

libQt5Sql-private-headers-devel: before 5.6.2-6.36.1

libQt5PrintSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5PlatformSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5Core-private-headers-devel: before 5.6.2-6.36.1

libqt5-qtbase-private-headers-devel: before 5.6.2-6.36.1

libQt5Widgets-private-headers-devel: before 5.6.2-6.36.1

libQt5Gui-private-headers-devel: before 5.6.2-6.36.1

libQt5Test-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-private-headers-devel: before 5.6.2-6.36.1

libQt5Network-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-devel: before 5.6.2-6.36.1

libQt5OpenGLExtensions-devel-static: before 5.6.2-6.36.1

libQt5Core-devel: before 5.6.2-6.36.1

libQt5PrintSupport-devel: before 5.6.2-6.36.1

libQt5Test-devel: before 5.6.2-6.36.1

libqt5-qtbase-debugsource: before 5.6.2-6.36.1

libqt5-qtbase-common-devel: before 5.6.2-6.36.1

libQt5Sql-devel: before 5.6.2-6.36.1

libqt5-qtbase-common-devel-debuginfo: before 5.6.2-6.36.1

libQt5DBus-devel-debuginfo: before 5.6.2-6.36.1

libqt5-qtbase-devel: before 5.6.2-6.36.1

libQt5OpenGL-devel: before 5.6.2-6.36.1

libQt5Xml-devel: before 5.6.2-6.36.1

libQt5Widgets-devel: before 5.6.2-6.36.1

libQt5Gui-devel: before 5.6.2-6.36.1

libQt5Bootstrap-devel-static: before 5.6.2-6.36.1

libQt5PlatformSupport-devel-static: before 5.6.2-6.36.1

libQt5PlatformHeaders-devel: before 5.6.2-6.36.1

libQt5Concurrent-devel: before 5.6.2-6.36.1

libQt5Network-devel: before 5.6.2-6.36.1

CPE2.3

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232971-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Certificate Validation

EUVDB-ID: #VU78696

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34410

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper validation of TLS certificate chain, where application does not always consider whether the root of a chain is a configured CA certificate. A remote attacker can perform MitM attack.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Software Development Kit 12: SP5

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

libQt5OpenGL5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5-debuginfo: before 5.6.2-6.36.1

libQt5PrintSupport5: before 5.6.2-6.36.1

libQt5Concurrent5: before 5.6.2-6.36.1

libQt5OpenGL5: before 5.6.2-6.36.1

libQt5Core5: before 5.6.2-6.36.1

libQt5DBus5: before 5.6.2-6.36.1

libQt5Sql5-postgresql: before 5.6.2-6.36.1

libQt5Network5: before 5.6.2-6.36.1

libQt5PrintSupport5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-unixODBC: before 5.6.2-6.36.1

libQt5Test5: before 5.6.2-6.36.1

libQt5Concurrent5-debuginfo: before 5.6.2-6.36.1

libQt5Gui5: before 5.6.2-6.36.1

libQt5Xml5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-postgresql-debuginfo: before 5.6.2-6.36.1

libQt5Core5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5: before 5.6.2-6.36.1

libQt5DBus5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-debuginfo: before 5.6.2-6.36.1

libQt5Xml5: before 5.6.2-6.36.1

libQt5Gui5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5: before 5.6.2-6.36.1

libQt5Test5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql: before 5.6.2-6.36.1

libQt5Sql5-unixODBC-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite: before 5.6.2-6.36.1

libQt5Network5-debuginfo: before 5.6.2-6.36.1

libQt5OpenGL-private-headers-devel: before 5.6.2-6.36.1

libQt5Sql-private-headers-devel: before 5.6.2-6.36.1

libQt5PrintSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5PlatformSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5Core-private-headers-devel: before 5.6.2-6.36.1

libqt5-qtbase-private-headers-devel: before 5.6.2-6.36.1

libQt5Widgets-private-headers-devel: before 5.6.2-6.36.1

libQt5Gui-private-headers-devel: before 5.6.2-6.36.1

libQt5Test-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-private-headers-devel: before 5.6.2-6.36.1

libQt5Network-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-devel: before 5.6.2-6.36.1

libQt5OpenGLExtensions-devel-static: before 5.6.2-6.36.1

libQt5Core-devel: before 5.6.2-6.36.1

libQt5PrintSupport-devel: before 5.6.2-6.36.1

libQt5Test-devel: before 5.6.2-6.36.1

libqt5-qtbase-debugsource: before 5.6.2-6.36.1

libqt5-qtbase-common-devel: before 5.6.2-6.36.1

libQt5Sql-devel: before 5.6.2-6.36.1

libqt5-qtbase-common-devel-debuginfo: before 5.6.2-6.36.1

libQt5DBus-devel-debuginfo: before 5.6.2-6.36.1

libqt5-qtbase-devel: before 5.6.2-6.36.1

libQt5OpenGL-devel: before 5.6.2-6.36.1

libQt5Xml-devel: before 5.6.2-6.36.1

libQt5Widgets-devel: before 5.6.2-6.36.1

libQt5Gui-devel: before 5.6.2-6.36.1

libQt5Bootstrap-devel-static: before 5.6.2-6.36.1

libQt5PlatformSupport-devel-static: before 5.6.2-6.36.1

libQt5PlatformHeaders-devel: before 5.6.2-6.36.1

libQt5Concurrent-devel: before 5.6.2-6.36.1

libQt5Network-devel: before 5.6.2-6.36.1

CPE2.3

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232971-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Infinite loop

EUVDB-ID: #VU78697

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38197

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when handling recursive expansions. A remote attacker can consume all available system resources and cause denial of service conditions.

Mitigation

Update the affected package libqt5-qtbase to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Software Development Kit 12: SP5

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

libQt5OpenGL5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5-debuginfo: before 5.6.2-6.36.1

libQt5PrintSupport5: before 5.6.2-6.36.1

libQt5Concurrent5: before 5.6.2-6.36.1

libQt5OpenGL5: before 5.6.2-6.36.1

libQt5Core5: before 5.6.2-6.36.1

libQt5DBus5: before 5.6.2-6.36.1

libQt5Sql5-postgresql: before 5.6.2-6.36.1

libQt5Network5: before 5.6.2-6.36.1

libQt5PrintSupport5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-unixODBC: before 5.6.2-6.36.1

libQt5Test5: before 5.6.2-6.36.1

libQt5Concurrent5-debuginfo: before 5.6.2-6.36.1

libQt5Gui5: before 5.6.2-6.36.1

libQt5Xml5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-postgresql-debuginfo: before 5.6.2-6.36.1

libQt5Core5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5: before 5.6.2-6.36.1

libQt5DBus5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-debuginfo: before 5.6.2-6.36.1

libQt5Xml5: before 5.6.2-6.36.1

libQt5Gui5-debuginfo: before 5.6.2-6.36.1

libQt5Widgets5: before 5.6.2-6.36.1

libQt5Test5-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-mysql: before 5.6.2-6.36.1

libQt5Sql5-unixODBC-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite-debuginfo: before 5.6.2-6.36.1

libQt5Sql5-sqlite: before 5.6.2-6.36.1

libQt5Network5-debuginfo: before 5.6.2-6.36.1

libQt5OpenGL-private-headers-devel: before 5.6.2-6.36.1

libQt5Sql-private-headers-devel: before 5.6.2-6.36.1

libQt5PrintSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5PlatformSupport-private-headers-devel: before 5.6.2-6.36.1

libQt5Core-private-headers-devel: before 5.6.2-6.36.1

libqt5-qtbase-private-headers-devel: before 5.6.2-6.36.1

libQt5Widgets-private-headers-devel: before 5.6.2-6.36.1

libQt5Gui-private-headers-devel: before 5.6.2-6.36.1

libQt5Test-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-private-headers-devel: before 5.6.2-6.36.1

libQt5Network-private-headers-devel: before 5.6.2-6.36.1

libQt5DBus-devel: before 5.6.2-6.36.1

libQt5OpenGLExtensions-devel-static: before 5.6.2-6.36.1

libQt5Core-devel: before 5.6.2-6.36.1

libQt5PrintSupport-devel: before 5.6.2-6.36.1

libQt5Test-devel: before 5.6.2-6.36.1

libqt5-qtbase-debugsource: before 5.6.2-6.36.1

libqt5-qtbase-common-devel: before 5.6.2-6.36.1

libQt5Sql-devel: before 5.6.2-6.36.1

libqt5-qtbase-common-devel-debuginfo: before 5.6.2-6.36.1

libQt5DBus-devel-debuginfo: before 5.6.2-6.36.1

libqt5-qtbase-devel: before 5.6.2-6.36.1

libQt5OpenGL-devel: before 5.6.2-6.36.1

libQt5Xml-devel: before 5.6.2-6.36.1

libQt5Widgets-devel: before 5.6.2-6.36.1

libQt5Gui-devel: before 5.6.2-6.36.1

libQt5Bootstrap-devel-static: before 5.6.2-6.36.1

libQt5PlatformSupport-devel-static: before 5.6.2-6.36.1

libQt5PlatformHeaders-devel: before 5.6.2-6.36.1

libQt5Concurrent-devel: before 5.6.2-6.36.1

libQt5Network-devel: before 5.6.2-6.36.1

CPE2.3

External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232971-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.