UBUNTU-CVE-2024-30161

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2024-30161
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-30161.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-30161
Upstream
Published
2024-03-24T01:15:00Z
Modified
2025-07-24T17:02:10Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.)

References

Affected packages

Ubuntu:Pro:16.04:LTS / qtbase-opensource-src-gles

Package

Name
qtbase-opensource-src-gles
Purl
pkg:deb/ubuntu/qtbase-opensource-src-gles@5.5.1+dfsg-16ubuntu6?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.2+dfsg-2ubuntu9
5.5.1+dfsg-6ubuntu1
5.5.1+dfsg-10ubuntu1
5.5.1+dfsg-13ubuntu1
5.5.1+dfsg-13ubuntu2
5.5.1+dfsg-13ubuntu3
5.5.1+dfsg-14ubuntu1
5.5.1+dfsg-14ubuntu2
5.5.1+dfsg-14ubuntu3
5.5.1+dfsg-15ubuntu1
5.5.1+dfsg-16ubuntu1
5.5.1+dfsg-16ubuntu4
5.5.1+dfsg-16ubuntu5
5.5.1+dfsg-16ubuntu6

Ubuntu:Pro:20.04:LTS / qtbase-opensource-src-gles

Package

Name
qtbase-opensource-src-gles
Purl
pkg:deb/ubuntu/qtbase-opensource-src-gles@5.12.8+dfsg-0ubuntu1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.12.4+dfsg-1build1
5.12.5+dfsg-1
5.12.5+dfsg-2
5.12.8+dfsg-0ubuntu1

Ubuntu:22.04:LTS / qt6-base

Package

Name
qt6-base
Purl
pkg:deb/ubuntu/qt6-base@6.2.4+dfsg-2ubuntu1.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.2.2+dfsg-5ubuntu1
6.2.2+dfsg-6ubuntu1
6.2.2+dfsg-6ubuntu2
6.2.4+dfsg-1ubuntu1
6.2.4+dfsg-2ubuntu1
6.2.4+dfsg-2ubuntu1.1

Ubuntu:22.04:LTS / qtbase-opensource-src-gles

Package

Name
qtbase-opensource-src-gles
Purl
pkg:deb/ubuntu/qtbase-opensource-src-gles@5.15.3+dfsg-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.2+dfsg-4
5.15.2+dfsg-5
5.15.3+dfsg-1

Ubuntu:24.04:LTS / qt6-base

Package

Name
qt6-base
Purl
pkg:deb/ubuntu/qt6-base@6.4.2+dfsg-21.1build5?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.4.2+dfsg-18
6.4.2+dfsg-19
6.4.2+dfsg-19build1
6.4.2+dfsg-20
6.4.2+dfsg-21
6.4.2+dfsg-21.1build4
6.4.2+dfsg-21.1build5

Ubuntu:24.04:LTS / qtbase-opensource-src-gles

Package

Name
qtbase-opensource-src-gles
Purl
pkg:deb/ubuntu/qtbase-opensource-src-gles@5.15.13+dfsg-1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.10+dfsg-2
5.15.10+dfsg-3
5.15.12+dfsg-1
5.15.12+dfsg-1ubuntu1
5.15.12+dfsg-1ubuntu2
5.15.13+dfsg-1

Ubuntu:25.04 / qt6-base

Package

Name
qt6-base
Purl
pkg:deb/ubuntu/qt6-base@6.8.3+dfsg-0ubuntu2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.6.2+dfsg-12
6.7.2+dfsg-3
6.8.1+dfsg-0ubuntu1
6.8.1+dfsg-0ubuntu2
6.8.1+dfsg-0ubuntu4
6.8.2+dfsg-0ubuntu2
6.8.2+dfsg-5
6.8.3+dfsg-0ubuntu1
6.8.3+dfsg-0ubuntu2

Ubuntu:25.04 / qtbase-opensource-src-gles

Package

Name
qtbase-opensource-src-gles
Purl
pkg:deb/ubuntu/qtbase-opensource-src-gles@5.15.15+dfsg-2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.15+dfsg-1
5.15.15+dfsg-2