An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qt | Qt | * | 5.15.16 (excluding) |
| Qt | Qt | 6.0.0 (including) | 6.2.10 (excluding) |
| Qt | Qt | 6.5.0 (including) | 6.5.3 (excluding) |
| Qt4-x11 | Ubuntu | bionic | * |
| Qt4-x11 | Ubuntu | trusty | * |
| Qt4-x11 | Ubuntu | trusty/esm | * |
| Qt4-x11 | Ubuntu | xenial | * |
| Qt6-base | Ubuntu | bionic | * |
| Qt6-base | Ubuntu | lunar | * |
| Qt6-base | Ubuntu | mantic | * |
| Qt6-base | Ubuntu | oracular | * |
| Qt6-base | Ubuntu | plucky | * |
| Qt6-base | Ubuntu | trusty | * |
| Qt6-base | Ubuntu | xenial | * |
| Qtbase-opensource-src | Ubuntu | bionic | * |
| Qtbase-opensource-src | Ubuntu | devel | * |
| Qtbase-opensource-src | Ubuntu | esm-apps/focal | * |
| Qtbase-opensource-src | Ubuntu | esm-apps/jammy | * |
| Qtbase-opensource-src | Ubuntu | esm-apps/noble | * |
| Qtbase-opensource-src | Ubuntu | esm-infra/bionic | * |
| Qtbase-opensource-src | Ubuntu | esm-infra/xenial | * |
| Qtbase-opensource-src | Ubuntu | focal | * |
| Qtbase-opensource-src | Ubuntu | jammy | * |
| Qtbase-opensource-src | Ubuntu | lunar | * |
| Qtbase-opensource-src | Ubuntu | mantic | * |
| Qtbase-opensource-src | Ubuntu | noble | * |
| Qtbase-opensource-src | Ubuntu | oracular | * |
| Qtbase-opensource-src | Ubuntu | plucky | * |
| Qtbase-opensource-src | Ubuntu | questing | * |
| Qtbase-opensource-src | Ubuntu | trusty | * |
| Qtbase-opensource-src | Ubuntu | xenial | * |
| Qtbase-opensource-src-gles | Ubuntu | bionic | * |
| Qtbase-opensource-src-gles | Ubuntu | devel | * |
| Qtbase-opensource-src-gles | Ubuntu | esm-apps/focal | * |
| Qtbase-opensource-src-gles | Ubuntu | esm-apps/jammy | * |
| Qtbase-opensource-src-gles | Ubuntu | esm-apps/noble | * |
| Qtbase-opensource-src-gles | Ubuntu | esm-apps/xenial | * |
| Qtbase-opensource-src-gles | Ubuntu | focal | * |
| Qtbase-opensource-src-gles | Ubuntu | jammy | * |
| Qtbase-opensource-src-gles | Ubuntu | lunar | * |
| Qtbase-opensource-src-gles | Ubuntu | mantic | * |
| Qtbase-opensource-src-gles | Ubuntu | noble | * |
| Qtbase-opensource-src-gles | Ubuntu | oracular | * |
| Qtbase-opensource-src-gles | Ubuntu | plucky | * |
| Qtbase-opensource-src-gles | Ubuntu | questing | * |
| Qtbase-opensource-src-gles | Ubuntu | trusty | * |
| Qtbase-opensource-src-gles | Ubuntu | xenial | * |