{"id":"UBUNTU-CVE-2023-45935","details":"** DISPUTED ** Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server.","modified":"2024-03-27T05:15:00Z","published":"2024-03-27T05:15:00Z","withdrawn":"2025-06-23T15:56:55Z","references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-45935"},{"type":"REPORT","url":"http://seclists.org/fulldisclosure/2024/Jan/61"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2023-45935"}],"affected":[{"package":{"name":"qt6-base","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/qt6-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.2.2+dfsg-5ubuntu1","6.2.2+dfsg-6ubuntu1","6.2.2+dfsg-6ubuntu2","6.2.4+dfsg-1ubuntu1","6.2.4+dfsg-2ubuntu1","6.2.4+dfsg-2ubuntu1.1"],"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-45935.json"}},{"package":{"name":"qt6-base","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/qt6-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.4.2+dfsg-18","6.4.2+dfsg-19","6.4.2+dfsg-19build1","6.4.2+dfsg-20","6.4.2+dfsg-21","6.4.2+dfsg-21.1build4","6.4.2+dfsg-21.1build5"],"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-45935.json"}}],"schema_version":"1.7.3"}