CVE-2018-21035
Published: 28 February 2020
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
Notes
Author | Note
---|---
mdeslaur | upstream commit just adds new settings allowing users to lower allowed frame/message size, it doesn't change the default behaviour
Priority
Status
Package | Release | Status
---|---|---
qtwebsockets-opensource-src (Launchpad, Ubuntu, Debian) | hirsute | Not vulnerable (5.15.1-2)
qtwebsockets-opensource-src | groovy | Ignored (end of life)
qtwebsockets-opensource-src | xenial | Needs triage
qtwebsockets-opensource-src | bionic | Needs triage
qtwebsockets-opensource-src | eoan | Ignored (end of life)
qtwebsockets-opensource-src | focal | Needs triage
qtwebsockets-opensource-src | impish | Not vulnerable (5.15.1-2)
qtwebsockets-opensource-src | jammy | Not vulnerable (5.15.1-2)
qtwebsockets-opensource-src | kinetic | Not vulnerable (5.15.1-2)
qtwebsockets-opensource-src | lunar | Not vulnerable (5.15.1-2)
qtwebsockets-opensource-src | trusty | Does not exist
qtwebsockets-opensource-src | upstream | Needs triage
qtwebsockets-opensource-src | mantic | Not vulnerable (5.15.1-2)
Patches: upstream: https://github.com/qt/qtwebsockets/commit/ed93680f34e92ad0383aa4e610bb65689118ca93 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |