{"id":"CVE-2024-25580","details":"An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.","modified":"2026-04-09T10:01:38.774367Z","published":"2024-03-27T03:15:12.007Z","related":["ALSA-2024:2276","ALSA-2024:3056","MGASA-2025-0046","openSUSE-SU-2024:13690-1","openSUSE-SU-2024:13775-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYE2NMN67DYHYJKLAKLGR64OYI7A63AH/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZWTGLKC3WBDHZ5OJRSEB2QUR7XXZDLZV/"},{"type":"FIX","url":"https://www.qt.io/blog/security-advisory-potential-buffer-overflow-when-reading-ktx-images"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/qt/qtbase","events":[{"introduced":"13ed06640c6cf32ea8c784c896c6bf017053edb3"},{"fixed":"8e79bee4afa2a1466f360f44fb07d24e432a82a6"},{"introduced":"fc9cda5f08ac848e88f63dd4a07c08b2fbc6bf17"},{"fixed":"3a82051eade32b34c2f4f6f652a9d8ef0db96c71"},{"introduced":"9554d315aa74eaba1726405ee09117e2ebc6111f"},{"fixed":"c8c0c677693c047a9dbf94c2a88eb920ed11acc8"},{"introduced":"33f5e985e480283bb0ca9dea5f82643e825ba87c"},{"fixed":"dec1863c7dc63e5788b0c6c061d36e856a6ae2b2"}],"database_specific":{"versions":[{"introduced":"5.12.0"},{"fixed":"5.15.17"},{"introduced":"6.0.0"},{"fixed":"6.2.12"},{"introduced":"6.3.0"},{"fixed":"6.5.5"},{"introduced":"6.6.0"},{"fixed":"6.6.2"}]}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-25580.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}