{"id":"CVE-2023-24607","details":"Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.","modified":"2026-03-20T12:24:15.096045Z","published":"2023-04-15T01:15:07.043Z","related":["MGASA-2023-0051","SUSE-SU-2023:1567-1","SUSE-SU-2023:2971-1","SUSE-SU-2023:2982-1","SUSE-SU-2023:3018-1","SUSE-SU-2023:3207-1","SUSE-SU-2023:3225-1","openSUSE-SU-2024:12673-1","openSUSE-SU-2024:12801-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html"},{"type":"ADVISORY","url":"https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff"},{"type":"ADVISORY","url":"https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin"},{"type":"ADVISORY","url":"https://www.qt.io/blog/tag/security"},{"type":"REPORT","url":"https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217"},{"type":"REPORT","url":"https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238"},{"type":"REPORT","url":"https://codereview.qt-project.org/c/qt/qtbase/+/456216"},{"type":"FIX","url":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/qt/qtbase","events":[{"introduced":"3bf50a7db9a1add66fb66b7a1f9c1d3b038c5e7f"},{"fixed":"4e158f6bfa7d0747d8da70b3b15a44b52e35bb8a"},{"introduced":"fc9cda5f08ac848e88f63dd4a07c08b2fbc6bf17"},{"fixed":"4c1c38dede55565afa846685b3e19cf8f1cfed0c"},{"introduced":"9554d315aa74eaba1726405ee09117e2ebc6111f"},{"fixed":"519d2d8f442409e86a0ee2fa16bd543342180861"},{"fixed":"aaf1381eab6292aa0444a5eadcc24165b6e1c02d"}],"database_specific":{"versions":[{"introduced":"5.0.0"},{"fixed":"5.15.13"},{"introduced":"6.0.0"},{"fixed":"6.2.8"},{"introduced":"6.3.0"},{"fixed":"6.4.3"}]}}],"versions":["v5.0.0","v5.0.1","v5.0.2","v5.1.0","v5.1.0-alpha1","v5.1.0-beta1","v5.1.0-rc1","v5.1.0-rc2","v5.1.1","v5.10.0","v5.10.0-alpha1","v5.10.0-beta1","v5.10.0-beta2","v5.10.0-beta3","v5.10.0-beta4","v5.10.0-rc1","v5.10.0-rc2","v5.10.0-rc3","v5.10.1","v5.11.0","v5.11.0-alpha1","v5.11.0-beta1","v5.11.0-beta2","v5.11.0-beta3","v5.11.0-beta4","v5.11.0-rc1","v5.11.0-rc2","v5.11.1","v5.11.2","v5.11.3","v5.12.0","v5.12.0-alpha1","v5.12.0-beta1","v5.12.0-beta2","v5.12.0-beta3","v5.12.0-beta4","v5.12.0-rc1","v5.12.0-rc2","v5.12.1","v5.12.2","v5.12.3","v5.12.4","v5.12.5","v5.13.0","v5.13.0-alpha1","v5.13.0-beta1","v5.13.0-beta2","v5.13.0-beta3","v5.13.0-beta4","v5.13.0-rc1","v5.13.0-rc2","v5.13.0-rc3","v5.13.1","v5.13.2","v5.14.0","v5.14.0-alpha1","v5.14.0-beta1","v5.14.0-beta2","v5.14.0-beta3","v5.14.0-rc1","v5.14.0-rc2","v5.14.1","v5.14.2","v5.15.0","v5.15.0-alpha1","v5.15.0-beta1","v5.15.0-beta2","v5.15.0-beta3","v5.15.0-beta4","v5.15.0-rc1","v5.15.0-rc2","v5.15.10-lts-lgpl","v5.15.11-lts-lgpl","v5.15.12-lts-lgpl","v5.15.3-lts-lgpl","v5.15.4-lts-lgpl","v5.15.5-lts-lgpl","v5.15.6-lts-lgpl","v5.15.7-lts-lgpl","v5.15.8-lts-lgpl","v5.15.9-lts-lgpl","v5.2.0","v5.2.0-alpha1","v5.2.0-beta1","v5.2.0-rc1","v5.2.1","v5.3.0","v5.3.0-alpha1","v5.3.0-beta1","v5.3.0-rc1","v5.3.1","v5.3.2","v5.4.0","v5.4.0-alpha1","v5.4.0-beta1","v5.4.0-rc1","v5.4.1","v5.4.2","v5.5.0","v5.5.0-alpha1","v5.5.0-beta1","v5.5.0-rc1","v5.5.1","v5.6.0","v5.6.0-alpha1","v5.6.0-beta1","v5.6.0-rc1","v5.6.1","v5.6.1-1","v5.6.2","v5.7.0","v5.7.0-alpha1","v5.7.0-beta1","v5.7.0-rc1","v5.7.1","v5.8.0","v5.8.0-alpha1","v5.8.0-beta1","v5.8.0-rc1","v5.9.0","v5.9.0-alpha1","v5.9.0-beta1","v5.9.0-beta2","v5.9.0-beta3","v5.9.0-beta4","v5.9.0-rc1","v5.9.0-rc2","v5.9.1","v5.9.2","v5.9.3","v5.9.4","v6.0.0-alpha1","v6.0.0-beta1","v6.0.0-beta2","v6.0.0-beta3","v6.0.0-beta4","v6.0.0-beta5","v6.2.0-alpha1","v6.2.0-beta1","v6.2.0-beta2","v6.2.0-beta3","v6.2.0-beta4","v6.2.5-lts-lgpl","v6.2.6-lts-lgpl","v6.2.7-lts-lgpl","v6.4.0-beta1","v6.4.0-beta2","v6.4.0-beta3","v6.4.0-beta4"],"database_specific":{"vanir_signatures":[{"digest":{"length":1503,"function_hash":"252800487098528502969560155377874210920"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-0848e401","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCResult::prepare"},"signature_version":"v1"},{"digest":{"length":2079,"function_hash":"176981847587405161815186066176953525305"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-3a04ccd9","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCResult::reset"},"signature_version":"v1"},{"digest":{"length":2508,"function_hash":"231767649323504619791383579173074202052"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-3aadcdf6","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCDriver::primaryIndex"},"signature_version":"v1"},{"digest":{"length":1781,"function_hash":"249035898946977597367542997231385299716"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-7df6654a","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCDriver::record"},"signature_version":"v1"},{"digest":{"length":595,"function_hash":"295101940135934345933041483191011700216"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-a5aaecac","source":"https://github.com/qt/qtbase/commit/519d2d8f442409e86a0ee2fa16bd543342180861","target":{"file":"src/corelib/tools/qvarlengtharray.h","function":"QVarLengthArray"},"signature_version":"v1"},{"digest":{"length":2343,"function_hash":"67831296646483273461037135050746472326"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-b921a37f","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCDriver::open"},"signature_version":"v1"},{"digest":{"line_hashes":["217642529427620289499003502620787255878","116716139001964074052103999807724031210","321470790418837753080398589889158344288","241908482120688129157335734488606110699","85931507992438679457998139060120233204","269283106012881717161604046071818951823","90990521189118216827308504549778186604","154435026454746122048966494386123211035","40716386662201965389155645479666922815","57439686605529833079406280594930806048","93243892512983491836551095422397007401","173410204531750785737275102910415164954","26869955747226502446073675622290375021","17303138321231635926895014358267821148","302556297761808258492598365537657747961","65402798577171812734482719301379786116","9135277449767183636344521933554634079","292969000828891717099147073204442476167","301117466471630661872296303834525553184","240189804062545303059683673070287792253","59772067679540037539435905640619181742","146471345151971056192614006168335406669","309524104779893930755916499530758084799","57483058266469252426633991949183761161","222316235965230481914755033386542233218","189714220819465519165602308706960756282","273495033246851570274378853020724232134","149357997340044632117339981399732864870","72801526388863202891208037522263763166","181652898321082679544699339750060006164","196565952345661569669257853320859470053","146684922094353461268322557272150796842","22396991709896748912509052028930976151","73172529853627839080791023834561984988","102252110266895922851222943965873788820","22970633764676780819376621199153091493","112025231129620249239455272886159086827","87725635386447058445760451791131120160","296468041839081177935276089405774118317","65295879771908575459699102460946006028","217044956021517558270063184863580359689","51353195864791972412836456197582339351","277520592720585961549749395294173761484","182493347194761557852541202914771777316","34526181246488472795543429069910113725","119375222992584113237611490838253139605","59554400843614566687816741789236451551","305801102573263774810598934439156265418","239022278838429201872579479128045748887","122588598547285151832904296254450080265","221792614301079877209855931183550206099","294093204275665402663799649398283100925","132470842970917883018690465643528223503","270349623119937855985725614104674976457","113483902513478924154274920385095290052","213422471472130706008782371085581756510","24786722821269003636934206998817046622","182493347194761557852541202914771777316","34526181246488472795543429069910113725","26842265132237637912666983224858334368","186668503974808830817767153083294067897","120162442157940422211076303087585930783","323953607529819656349016393559157009746","166720483419452408647284182906538819505","133152490838136202133911872294862178123","108672671891204149386044590706018765492","217759080297273640108891071808320927206","23262945564694321497802041084819870688","143211711392164662174878990839765490284","245325118562827352953258087501059676065","2887790236846419104109894774763636804","108243230695364339829024966253614476186","57240310449569667848935959574975444419","133759038451958793835589695282122121794","327357016662287943499059945684731278152","112000632698591786147216707396370952584","107134897313946292981093051380270514724","91145994256518314498317902644262919234","8998576765501819859639525114864423597","91805994139050163594780213942727565623","16876062457813528936661450585520002782","317968178618887529825507471525616091015","322612405862138961605207428863652270960","317968178618887529825507471525616091015","36125106701401838209286571182431680169","286563963975226011310592153655649183407","330558126787226358340674794862672657911","138912508260656935790879071682010054756","44428568242235516121410485501913831407","289475353622598405926887896716690809993","206648749712756304143777045402668751959","92666969879941325308925304822939278988","28839647773389573281808121171465478964","297744134679546520378694792017206186792","301133427892605504361333561088557662960","169783548912343500383285016621034001414","189700857183882696018582963305098426889","17768313542909086404288333200637491144","116536436860378036524245188791444171543","79627226527796577928803139925357045552","120841840128542238512335122920046209518","136816807456310545163599838350042162666","297744134679546520378694792017206186792","301133427892605504361333561088557662960","3986029626658955124633113192384591767","103357532456271250252154589398920642831","17129839854858459970454747698299280680","16716492509609484730464110307808954947","324917526262158270575938651752434431776","337229091269269207284643007045460422098","281732308478039727011066206624165670393","305482963662004714087000999139336312346","187917436761863171464555499822092426287","170353603864628260614718762261742637517","297744134679546520378694792017206186792","301133427892605504361333561088557662960","3986029626658955124633113192384591767","168831954651459449739013536369871804717","285707588399701132430632972150906696455","127222596387287275473423184300016468162","88082751744350285890377774132185644500","175271788825621109174818957388867856458"],"threshold":0.9},"signature_type":"Line","deprecated":false,"id":"CVE-2023-24607-d47fbee1","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp"},"signature_version":"v1"},{"digest":{"length":1682,"function_hash":"222837042868679194554749386866578907087"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-dc3f46a9","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCDriver::tables"},"signature_version":"v1"},{"digest":{"length":4153,"function_hash":"51990642598968749275452792537557796975"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-dd2c2e02","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCDriverPrivate::setConnectionOptions"},"signature_version":"v1"},{"digest":{"line_hashes":["174344533808791172224865101240757923064","292219089122817761886677078848108447252","157381648178923186010867101867476777242","208545306413576769817883439594691481482","21460200879669521690759595206101232051","263960305989060570785386688078128348630","174982206297014867183313898130643092065","211358169926691951945999549822585869569","244735439742552624691379035978819324955","280330701152302034312108794158040873354","294400776029424231837909997457099990489","113645022394016750227380919921066554946","320878052515778070762508008096200429102","198805573745728019413386933266673087567","69531322627785808249344120149368399243","208225844310610307393864733518722014736","310794867848066553248730596881228213280","207728896192900899649567726543019791945","9209557387873568089170733517070566958","35406923741947535377650458926203038699","5471535722605748470853744698129518205"],"threshold":0.9},"signature_type":"Line","deprecated":false,"id":"CVE-2023-24607-e4badc7f","source":"https://github.com/qt/qtbase/commit/519d2d8f442409e86a0ee2fa16bd543342180861","target":{"file":"src/corelib/tools/qvarlengtharray.h"},"signature_version":"v1"},{"digest":{"length":10047,"function_hash":"119065469992688806340197033843195026639"},"signature_type":"Function","deprecated":false,"id":"CVE-2023-24607-e4e068bb","source":"https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d","target":{"file":"src/plugins/sqldrivers/odbc/qsql_odbc.cpp","function":"QODBCResult::exec"},"signature_version":"v1"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-24607.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}