2055505 – (CVE-2022-25255) CVE-2022-25255 qt: QProcess could execute a binary from the current working directory when not found in the PATH

Bug 2055505 (CVE-2022-25255) - CVE-2022-25255 qt: QProcess could execute a binary from the current working directory when not found in the PATH

Summary: CVE-2022-25255 qt: QProcess could execute a binary from the current working d...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2022-25255
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2059851 2059852 2059853 2059854
Blocks:	2055506
TreeView+	depends on / blocked

Reported:	2022-02-17 06:29 UTC by Sandipan Roy
Modified:	2022-12-06 14:16 UTC (History)
CC List:	10 users (show)
Fixed In Version:	qt 5.15.9, qt 6.2.4
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in qt. The vulnerability occurs due to executing binaries from the current directory when the loading path failed, leading to an uncontrolled path element vulnerability. This flaw allows an attacker to execute malicious executables.
Clone Of:
Environment:
Last Closed:	2022-12-06 14:16:21 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2022:7482	0	None	None	None	2022-11-08 09:15:43 UTC
Red Hat Product Errata	RHSA-2022:8022	0	None	None	None	2022-11-15 09:58:45 UTC

Description Sandipan Roy 2022-02-17 06:29:11 UTC

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.

https://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff
https://codereview.qt-project.org/c/qt/qtbase/+/393113
https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diff
https://codereview.qt-project.org/c/qt/qtbase/+/396020
https://codereview.qt-project.org/c/qt/qtbase/+/394914

Comment 2 Sandipan Roy 2022-03-02 08:04:41 UTC

Created qt5 tracking bugs for this issue:

Affects: fedora-all [bug 2059851]


Created qt6 tracking bugs for this issue:

Affects: fedora-all [bug 2059852]

Comment 5 errata-xmlrpc 2022-11-08 09:15:41 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:7482 https://access.redhat.com/errata/RHSA-2022:7482

Comment 6 errata-xmlrpc 2022-11-15 09:58:43 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:8022 https://access.redhat.com/errata/RHSA-2022:8022

Comment 7 Product Security DevOps Team 2022-12-06 14:16:19 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-25255

Note You need to log in before you can comment on or make changes to this bug.