CVE-2014-0190

Publication date 8 May 2014

Last updated 24 July 2024

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
qt4-x11	15.04 vivid	Not affected
	14.10 utopic	Not affected
	14.04 LTS trusty	Fixed 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1
	13.10 saucy	Ignored
	12.10 quantal	Ignored
	12.04 LTS precise	Fixed 4:4.8.1-0ubuntu4.9
	10.04 LTS lucid	Ignored
qtbase-opensource-src	15.04 vivid	Not affected
	14.10 utopic	Not affected
	14.04 LTS trusty	Fixed 5.2.1+dfsg-1ubuntu14.3
	13.10 saucy	Ignored
	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	10.04 LTS lucid	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
qt4-x11	Upstream: eb13250
qtbase-opensource-src	Upstream: ?id=c5e

References

Related Ubuntu Security Notices (USN)

USN-2626-1
Qt vulnerabilities
3 June 2015

CVE-2014-0190

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references