Main Vulnerability Database SB2023032757

SB2023032757 - SUSE update for qt6-base

Published: March 27, 2023

Security Bulletin ID SB2023032757

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2023-24607)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the Qt SQL ODBC driver plugin. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20231567-1/

Vulnerable Software

SUSE Package Hub 15: 15-SP4
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
SUSE Linux Enterprise Desktop 15: SP4
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
openSUSE Leap: 15.4
qt6-docs-common: before 6.2.2-150400.4.3.1
qt6-base-private-devel: before 6.2.2-150400.4.3.1
qt6-base-devel: before 6.2.2-150400.4.3.1
qt6-platformtheme-xdgdesktopportal-debuginfo: before 6.2.2-150400.4.3.1
qt6-base-docs-qch: before 6.2.2-150400.4.3.1
libQt6Concurrent6-debuginfo: before 6.2.2-150400.4.3.1
libQt6Core6: before 6.2.2-150400.4.3.1
libQt6Gui6: before 6.2.2-150400.4.3.1
qt6-network-private-devel: before 6.2.2-150400.4.3.1
qt6-sql-unixODBC-debuginfo: before 6.2.2-150400.4.3.1
qt6-concurrent-devel: before 6.2.2-150400.4.3.1
qt6-sql-unixODBC: before 6.2.2-150400.4.3.1
qt6-sql-devel: before 6.2.2-150400.4.3.1
qt6-base-debuginfo: before 6.2.2-150400.4.3.1
libQt6Test6-debuginfo: before 6.2.2-150400.4.3.1
libQt6Xml6-debuginfo: before 6.2.2-150400.4.3.1
libQt6PrintSupport6: before 6.2.2-150400.4.3.1
qt6-sql-sqlite-debuginfo: before 6.2.2-150400.4.3.1
libQt6Core6-debuginfo: before 6.2.2-150400.4.3.1
qt6-xml-devel: before 6.2.2-150400.4.3.1
qt6-printsupport-devel: before 6.2.2-150400.4.3.1
qt6-base-common-devel-debuginfo: before 6.2.2-150400.4.3.1
qt6-base-docs-html: before 6.2.2-150400.4.3.1
libQt6Sql6: before 6.2.2-150400.4.3.1
qt6-printsupport-private-devel: before 6.2.2-150400.4.3.1
qt6-widgets-private-devel: before 6.2.2-150400.4.3.1
qt6-sql-private-devel: before 6.2.2-150400.4.3.1
qt6-dbus-devel: before 6.2.2-150400.4.3.1
qt6-sql-sqlite: before 6.2.2-150400.4.3.1
qt6-platformtheme-gtk3-debuginfo: before 6.2.2-150400.4.3.1
qt6-network-devel: before 6.2.2-150400.4.3.1
libQt6Network6-debuginfo: before 6.2.2-150400.4.3.1
qt6-sql-mysql: before 6.2.2-150400.4.3.1
qt6-xml-private-devel: before 6.2.2-150400.4.3.1
qt6-opengl-devel: before 6.2.2-150400.4.3.1
qt6-base-examples-debuginfo: before 6.2.2-150400.4.3.1
qt6-sql-postgresql: before 6.2.2-150400.4.3.1
qt6-platformtheme-gtk3: before 6.2.2-150400.4.3.1
qt6-kmssupport-private-devel: before 6.2.2-150400.4.3.1
libQt6Concurrent6: before 6.2.2-150400.4.3.1
qt6-base-common-devel: before 6.2.2-150400.4.3.1
qt6-sql-mysql-debuginfo: before 6.2.2-150400.4.3.1
qt6-network-tls: before 6.2.2-150400.4.3.1
qt6-network-tls-debuginfo: before 6.2.2-150400.4.3.1
qt6-printsupport-cups: before 6.2.2-150400.4.3.1
libQt6DBus6: before 6.2.2-150400.4.3.1
libQt6Gui6-debuginfo: before 6.2.2-150400.4.3.1
qt6-widgets-devel: before 6.2.2-150400.4.3.1
libQt6OpenGLWidgets6: before 6.2.2-150400.4.3.1
qt6-core-private-devel: before 6.2.2-150400.4.3.1
qt6-dbus-private-devel: before 6.2.2-150400.4.3.1
qt6-platformsupport-devel-static: before 6.2.2-150400.4.3.1
qt6-opengl-private-devel: before 6.2.2-150400.4.3.1
libQt6OpenGLWidgets6-debuginfo: before 6.2.2-150400.4.3.1
qt6-base-examples: before 6.2.2-150400.4.3.1
libQt6Network6: before 6.2.2-150400.4.3.1
qt6-networkinformation-nm: before 6.2.2-150400.4.3.1
qt6-gui-devel: before 6.2.2-150400.4.3.1
qt6-test-devel: before 6.2.2-150400.4.3.1
qt6-test-private-devel: before 6.2.2-150400.4.3.1
qt6-sql-postgresql-debuginfo: before 6.2.2-150400.4.3.1
qt6-platformtheme-xdgdesktopportal: before 6.2.2-150400.4.3.1
libQt6Sql6-debuginfo: before 6.2.2-150400.4.3.1
qt6-platformsupport-private-devel: before 6.2.2-150400.4.3.1
qt6-core-devel: before 6.2.2-150400.4.3.1
qt6-base-debugsource: before 6.2.2-150400.4.3.1
libQt6OpenGL6-debuginfo: before 6.2.2-150400.4.3.1
libQt6PrintSupport6-debuginfo: before 6.2.2-150400.4.3.1
libQt6Test6: before 6.2.2-150400.4.3.1
libQt6Widgets6-debuginfo: before 6.2.2-150400.4.3.1
qt6-gui-private-devel: before 6.2.2-150400.4.3.1
qt6-kmssupport-devel-static: before 6.2.2-150400.4.3.1
qt6-printsupport-cups-debuginfo: before 6.2.2-150400.4.3.1
qt6-openglwidgets-devel: before 6.2.2-150400.4.3.1
libQt6Widgets6: before 6.2.2-150400.4.3.1
libQt6OpenGL6: before 6.2.2-150400.4.3.1
libQt6DBus6-debuginfo: before 6.2.2-150400.4.3.1
qt6-networkinformation-nm-debuginfo: before 6.2.2-150400.4.3.1
libQt6Xml6: before 6.2.2-150400.4.3.1