CRITICAL🇵🇱 Wersja polska

CVE-2024-36048

CVSS 9.8v3.1pub. 2024-05-18upd. 2025-11-04

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

🤖 AI Analysis
How it works

The OAuth mechanism requires generating random values (e.g., state tokens, nonce) to secure the authorization flow. In vulnerable Qt versions, the QAbstractOAuth class uses system time as the sole seed for the PRNG, which is a weak source of entropy. By knowing the approximate initialization time, a remote attacker (unauthenticated) can reproduce or predict the generated random values. The CWE-335 class describes this type of error as improper seed usage in a pseudorandom number generator.

Impact

An attacker can predict values generated by the PRNG, enabling OAuth session forgery or hijacking, and consequently complete compromise of confidentiality, integrity, and availability of resources protected by the authorization mechanism.

Mitigation & patch

Qt must be updated to version 5.15.17, 6.2.13, 6.5.6, or 6.7.1 (depending on the branch in use). Fedora users should apply package updates according to notices published on Fedora Project mailing lists. Patches are available in Qt project references (codereview.qt-project.org).

Who is affected

Qt before version 5.15.17, Qt 6.x before 6.2.13, Qt 6.3.x–6.5.x before 6.5.6, and Qt 6.6.x–6.7.x before 6.7.1; affects the Qt Network Authorization component (qtnetworkauth). The vulnerability also affects Qt packages in the Fedora distribution.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fedora Project Fedora

    OS
    Fedoraproject
    3940
  • Qt

    APP
    Qt
    < 5.15.176.0.0 – 6.2.13 (bez)6.3.0 – 6.5.6 (bez)6.6.0 – 6.7.1 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)

CVE-2024-4671CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox

CVE-2023-6345CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Integer overflow w Skia w Google Chrome — sandbox escape