CVE-2023-32763

7.5 HIGH

📋 TL;DR

A buffer overflow vulnerability exists in Qt's SVG rendering component when processing SVG files containing images. This can allow attackers to execute arbitrary code or cause denial of service by crafting malicious SVG files. Applications using affected Qt versions for SVG rendering are vulnerable.

💻 Affected Systems

Products:
  • Qt
  • Applications using Qt for SVG rendering
Versions: Qt 5.x before 5.15.15, Qt 6.x before 6.2.9, Qt 6.3.x through 6.5.x before 6.5.1
Operating Systems: All operating systems where Qt is installed
Default Config Vulnerable: ⚠️ Yes
Notes: Only applications that use Qt's SVG rendering capabilities are affected. Applications that don't process SVG files are not vulnerable.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise if the vulnerable Qt application processes attacker-controlled SVG files.

🟠 Likely Case

Application crash (denial of service) when processing malformed SVG files, potentially disrupting application functionality.

🟢 If Mitigated

Limited impact if SVG rendering is disabled or input validation prevents malicious SVG processing.

🌐 Internet-Facing: MEDIUM - Applications that accept SVG uploads or render user-provided SVG content from the internet are at risk.
🏢 Internal Only: LOW - Risk is limited to internal users who can supply SVG files to vulnerable applications.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires the application to process a malicious SVG file. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Qt 5.15.15, Qt 6.2.9, Qt 6.5.1 or later

Vendor Advisory: https://lists.qt-project.org/pipermail/announce/2023-May/000413.html

Restart Required: Yes

Instructions:

1. Identify Qt version in use.
2. Update to patched version: Qt 5.15.15, Qt 6.2.9, or Qt 6.5.1+.
3. Recompile applications if using Qt libraries.
4. Restart affected applications.

🔧 Temporary Workarounds

Disable SVG rendering (all platforms)

Configure applications to disable SVG file processing if not required.

Input validation (all platforms)

Implement strict validation of SVG files before processing, rejecting suspicious files.

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable applications
  • Deploy application allowlisting to prevent execution of unauthorized code

🔍 How to Verify

Check if Vulnerable:

Check the Qt version with qmake --version or by examining the Qt library files, then verify whether it falls within the affected ranges.

Check Version:

qmake --version

Verify Fix Applied:

Confirm Qt version is 5.15.15+, 6.2.9+, or 6.5.1+ after update.
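The version comparison described above can be scripted. The following is an added example, not part of the vendor advisory or of Qt; the function names qt_version_from_qmake and qt_status are hypothetical, and the sample qmake output is constructed.

```shell
#!/bin/sh
# Classify a Qt version against the ranges listed on this page:
#   affected: 5.x < 5.15.15, 6.x < 6.2.9, 6.3.x through 6.5.x < 6.5.1
#   fixed:    5.15.15+, 6.2.9+ (6.2 series), 6.5.1 or later

# Read `qmake --version` output on stdin and print the Qt version X.Y.Z.
qt_version_from_qmake() {
    sed -n 's/^Using Qt version \([0-9][0-9.]*\) in .*/\1/p'
}

# Print "affected", "fixed" or "unknown" for a version string X.Y.Z.
qt_status() {
    v=$(printf '%s\n' "$1" |
        sed -n 's/^\([0-9]\{1,\}\)\.\([0-9]\{1,\}\)\.\([0-9]\{1,\}\)$/\1 \2 \3/p')
    [ -n "$v" ] || { echo unknown; return 0; }
    set -- $v
    major=$1 minor=$2 patch=$3
    case "$major" in
        5)
            if [ "$minor" -lt 15 ] || { [ "$minor" -eq 15 ] && [ "$patch" -lt 15 ]; }
            then echo affected; else echo fixed; fi ;;
        6)
            if [ "$minor" -lt 2 ] || { [ "$minor" -eq 2 ] && [ "$patch" -lt 9 ]; }
            then echo affected
            elif [ "$minor" -eq 2 ]
            then echo fixed                      # 6.2.9 and later 6.2 releases
            elif [ "$minor" -lt 5 ] || { [ "$minor" -eq 5 ] && [ "$patch" -lt 1 ]; }
            then echo affected                   # 6.3.x, 6.4.x, 6.5.0
            else echo fixed; fi ;;               # 6.5.1 or later
        *)
            echo unknown ;;                      # series not listed on this page
    esac
}

# Constructed sample of `qmake --version` output (not captured from a real host).
sample='QMake version 3.1
Using Qt version 5.15.2 in /usr/lib/x86_64-linux-gnu'
ver=$(printf '%s\n' "$sample" | qt_version_from_qmake)
echo "Qt $ver: $(qt_status "$ver")"
```

On a real host, pipe the tool's output in directly: `qmake --version | qt_version_from_qmake`. qmake reports the Qt of the development kit it belongs to, so applications that bundle their own Qt libraries need those library files checked instead.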

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing SVG files
  • Memory access violation errors in application logs

Network Indicators:

  • Unusual SVG file uploads to web applications
  • SVG files with embedded images from untrusted sources

SIEM Query:

Application logs containing 'segmentation fault', 'access violation', or 'buffer overflow' during SVG processing
