Qt Heap-Based Buffer Overflow Vulnerability in QTextMarkdownImporter
Vulnerability
A heap-based buffer overflow vulnerability has been identified in the QTextMarkdownImporter component of Qt. The issue arises when an improperly formatted markdown file is processed, specifically when the front matter delimiter '---' appears at the end of the file without a trailing newline. Affected versions are Qt 6.8.0 through 6.8.3; versions prior to 6.6.0 are known to be unaffected.
Impact
Exploitation of this vulnerability leads to a heap-based buffer overflow, which can result in a crash of the application or, potentially, arbitrary code execution.
Reproduction
To reproduce this vulnerability, create a markdown file with front matter that includes the '---' delimiter at the end of the file without a trailing newline. When this file is parsed by QTextMarkdownImporter, the absence of the newline will cause the importer to attempt to read past the end of the string, triggering the buffer overflow.
Remediation
Upgrade to Qt 6.8.4 or 6.9.0, where this vulnerability has been fixed.
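As an added example, not code from Qt or from this advisory, the following plain C++ front-matter check illustrates the condition described above and the bounds checks that prevent it: every read is guarded by a position-versus-length test, and a closing '---' with no trailing newline is reported rather than read past. The names `FrontMatterState`, `inspectFrontMatter` and `normalizeMarkdown` are introduced here; the code deliberately avoids Qt so that it compiles stand-alone and is not the QTextMarkdownImporter implementation.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Constructed illustration (not Qt's QTextMarkdownImporter code): inspect the
// YAML-style front matter of a markdown document. Front matter is a block that
// opens with a line consisting of "---" at the very start of the file and is
// closed by another "---" line.
enum class FrontMatterState {
    None,                   // document does not start with a front matter block
    WellFormed,             // opened and closed, closing "---" is followed by '\n'
    UnterminatedDelimiter,  // a "---" delimiter is the last thing in the file, no '\n' after it
    Unclosed                // opened but never closed
};

FrontMatterState inspectFrontMatter(const std::string& md)
{
    const std::size_t n = md.size();

    // Opening delimiter: the document must begin with "---".
    if (n < 3 || md.compare(0, 3, "---") != 0)
        return FrontMatterState::None;

    std::size_t pos = 3;
    // Bounds check before looking at the character after "---". A reader that
    // assumed a '\n' follows every delimiter would read past the buffer here
    // when "---" is the whole file; that is the class of defect the advisory describes.
    if (pos >= n)
        return FrontMatterState::UnterminatedDelimiter;
    if (md[pos] != '\n')
        return FrontMatterState::None;   // e.g. "----" or "--- x": not a front matter opener
    ++pos;

    // Scan line by line for the closing delimiter; every index stays inside [0, n).
    while (pos < n) {
        const std::size_t eol = md.find('\n', pos);
        const bool hasNewline = (eol != std::string::npos);
        const std::size_t lineEnd = hasNewline ? eol : n;

        if (md.substr(pos, lineEnd - pos) == "---")
            return hasNewline ? FrontMatterState::WellFormed
                              : FrontMatterState::UnterminatedDelimiter;

        if (!hasNewline)
            break;          // last line reached without a closing delimiter
        pos = eol + 1;
    }
    return FrontMatterState::Unclosed;
}

// Mitigation for input that will be handed to an unpatched importer: give the
// dangling delimiter the newline the parser expects. Other inputs pass through unchanged.
std::string normalizeMarkdown(const std::string& md)
{
    if (inspectFrontMatter(md) == FrontMatterState::UnterminatedDelimiter)
        return md + '\n';
    return md;
}

int main()
{
    // Constructed sample inputs: a well-formed document and the malformed shape
    // from the advisory (closing "---" as the last bytes, no trailing newline).
    const std::string good = "---\ntitle: x\n---\n# Body\n";
    const std::string bad  = "---\ntitle: x\n---";
    std::cout << "good well-formed: "
              << (inspectFrontMatter(good) == FrontMatterState::WellFormed) << '\n'
              << "bad unterminated: "
              << (inspectFrontMatter(bad) == FrontMatterState::UnterminatedDelimiter) << '\n'
              << "normalized bad well-formed: "
              << (inspectFrontMatter(normalizeMarkdown(bad)) == FrontMatterState::WellFormed) << '\n';
    return 0;
}
```

On a deployment that cannot yet move to 6.8.4 or 6.9.0, the same check can run over the text (for a QString, via toStdString()) before it reaches QTextDocument::setMarkdown(); rejecting the UnterminatedDelimiter case, or normalizing it by appending the missing newline, restores the well-formed input shape the advisory describes.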