An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters.
[ { "signature_type": "Line", "id": "CVE-2019-18281-ce26650f", "source": "https://github.com/qt/qtbase/commit/abfb1b8665923ce2824392f3a04e5e4ac3871017", "signature_version": "v1", "target": { "file": "qmake/generators/mac/pbuilder_pbx.cpp" }, "digest": { "threshold": 0.9, "line_hashes": [ "42175485319852982382716562530548920112", "269969189790789914493321821784506182077", "192896421012310542730988811461340756350", "81493618896476637973500433905196848195", "177778031528303863734575949352642260045", "204261337458403320614169416449406855994", "282401848054897177864544170876498713116", "23956863597407661719760492111577731941", "120874335481434784682992640334932410074" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2019-18281-f29a5ae7", "source": "https://github.com/qt/qtbase/commit/abfb1b8665923ce2824392f3a04e5e4ac3871017", "signature_version": "v1", "target": { "function": "ProjectBuilderMakefileGenerator::writeMakeParts", "file": "qmake/generators/mac/pbuilder_pbx.cpp" }, "digest": { "function_hash": "55318626890648757947913378382764058604", "length": 55991.0 }, "deprecated": false } ]