CVE-2023-43114
- Source
- https://cve.org/CVERecord?id=CVE-2023-43114
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43114.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-43114
- Downstream
- Related
- Published
- 2023-09-18T07:15:38.333Z
- Modified
- 2026-02-03T07:36:14.734963Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
- References
Affected packages
Git / github.com/qt/qt5
Git / github.com/qt/qtbase
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43114.json"
vanir_signatures
[
{
"source": "https://github.com/qt/qtbase/commit/372eaedc5b8c771c46acc4c96e91bbade4ca3624",
"digest": {
"function_hash": "38259293548902737777275712752331343392",
"length": 1886.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "QItemSelectionModelPrivate::initModel",
"file": "src/corelib/itemmodels/qitemselectionmodel.cpp"
},
"id": "CVE-2023-43114-13167ccd"
},
{
"source": "https://github.com/qt/qtbase/commit/372eaedc5b8c771c46acc4c96e91bbade4ca3624",
"digest": {
"line_hashes": [
"87361980673766272267219738812171569415",
"205524495854561398802234511811516116091",
"196697108956812034362302347937410944742",
"61748281403189272026466914579964218575",
"86554005527345536180803463393829569588",
"138972697849049708373997816242949305863",
"39658990249987524557285517040476549389",
"91037344694848986727600386580410212812",
"85752268986580132659688941271689316652",
"293640252404270675870626936474950913553",
"184571535668388517638634745445475766913",
"35388671131273319527596436102983390680",
"284303280828705192729204731703242024651",
"316507940730145078340475632468012846228"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/corelib/itemmodels/qitemselectionmodel.cpp"
},
"id": "CVE-2023-43114-33ee196f"
},
{
"source": "https://github.com/qt/qtbase/commit/372eaedc5b8c771c46acc4c96e91bbade4ca3624",
"digest": {
"function_hash": "153772929723627036583640333571744381705",
"length": 239.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "QItemSelectionModelPrivate::disconnectModel",
"file": "src/corelib/itemmodels/qitemselectionmodel.cpp"
},
"id": "CVE-2023-43114-67669c6f"
},
{
"source": "https://github.com/qt/qtbase/commit/372eaedc5b8c771c46acc4c96e91bbade4ca3624",
"digest": {
"line_hashes": [
"288006492465818663008628430064770650281",
"20574375947787686126921422720784265935",
"168486689155343824614617482142165887338",
"237927361158180293105380322227781034941",
"91048025042654194263877087798053120381",
"231480675520447089506303661913067745474"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "tests/auto/corelib/itemmodels/qitemselectionmodel/tst_qitemselectionmodel.cpp"
},
"id": "CVE-2023-43114-840f43c8"
}
]