CVE Vulnerability

CVE-2021-3481

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

7.1 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://codereview.qt-project.org/c/qt/qtsvg/+/337646 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1931444 Issue Tracking Third Party Advisory
https://bugreports.qt.io/browse/QTBUG-91507 Exploit Vendor Advisory
https://access.redhat.com/security/cve/CVE-2021-3481 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:qt:qt:5.15.1:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:qt:qt:6.0.0:-:*:*:*:*:*:*
cpe:2.3:a:qt:qt:6.2.0:-:*:*:*:*:*:*
Information

Published : 2022-08-22 03:15

Updated : 2022-08-25 12:42

NVD link : CVE-2021-3481

Mitre link : CVE-2021-3481

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read