Security advisory: Potential Buffer Overflow when reading KTX images

A recently reported potential buffer overflow in Qt’s KTX image handling has been assigned the CVE ID CVE-2024-25580.

An issue was discovered in Qt from 5.12.0 through 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2.

A specially crafted KTX image file could cause an overflow, and subsequently a crash, in the application reading it.

Solution: Apply the following patch or update to Qt 5.15.17, Qt 6.2.12, Qt 6.5.5 or Qt 6.6.2.

Patches:

dev: https://codereview.qt-project.org/c/qt/qtbase/+/536680
Qt 6.6: https://codereview.qt-project.org/c/qt/qtbase/+/538907 or https://download.qt.io/official_releases/qt/6.6/CVE-2024-25580-qtbase-6.6.diff
Qt 6.5: https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/539051 or https://download.qt.io/official_releases/qt/6.5/CVE-2024-25580-qtbase-6.5.diff
Qt 6.2: https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/539174 or https://download.qt.io/official_releases/qt/6.2/CVE-2024-25580-qtbase-6.2.diff
Qt 5.15: https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/539259 or https://download.qt.io/official_releases/qt/5.15/CVE-2024-25580-qtbase-5.15.diff

