{"id":"UBUNTU-CVE-2025-3512","details":"There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to QTextMarkdownImporter to trigger the overflow.This issue affects Qt from 6.8.0 to 6.8.4. Versions up to 6.6.0 are known to be unaffected, and the fix is in 6.8.4 and later.","modified":"2026-05-20T16:21:26.261849619Z","published":"2025-04-11T08:15:00Z","upstream":["CVE-2025-3512"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-3512"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2025-3512"},{"type":"REPORT","url":"https://codereview.qt-project.org/c/qt/qtbase/+/635546"}],"affected":[{"package":{"name":"qtbase-opensource-src-gles","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/qtbase-opensource-src-gles?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.4.2+dfsg-2ubuntu9","5.5.1+dfsg-6ubuntu1","5.5.1+dfsg-10ubuntu1","5.5.1+dfsg-13ubuntu1","5.5.1+dfsg-13ubuntu2","5.5.1+dfsg-13ubuntu3","5.5.1+dfsg-14ubuntu1","5.5.1+dfsg-14ubuntu2","5.5.1+dfsg-14ubuntu3","5.5.1+dfsg-15ubuntu1","5.5.1+dfsg-16ubuntu1","5.5.1+dfsg-16ubuntu4","5.5.1+dfsg-16ubuntu5","5.5.1+dfsg-16ubuntu6"],"ecosystem_specific":{"binaries":[{"binary_version":"5.5.1+dfsg-16ubuntu6","binary_name":"libqt5gui5-gles"},{"binary_version":"5.5.1+dfsg-16ubuntu6","binary_name":"libqt5opengl5-gles"},{"binary_version":"5.5.1+dfsg-16ubuntu6","binary_name":"qt5-qmake-gles"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qtbase-opensource-src-gles","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/qtbase-opensource-src-gles?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.12.4+dfsg-1build1","5.12.5+dfsg-1","5.12.5+dfsg-2","5.12.8+dfsg-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.12.8+dfsg-0ubuntu1","binary_name":"libqt5gui5-gles"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qt6-base","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/qt6-base?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.2.2+dfsg-5ubuntu1","6.2.2+dfsg-6ubuntu1","6.2.2+dfsg-6ubuntu2","6.2.4+dfsg-1ubuntu1","6.2.4+dfsg-2ubuntu1","6.2.4+dfsg-2ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6concurrent6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6core6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6dbus6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6gui6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6network6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6opengl6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6openglwidgets6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6printsupport6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6sql6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6sql6-ibase"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6sql6-mysql"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6sql6-odbc"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6sql6-psql"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6sql6-sqlite"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6test6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6widgets6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"libqt6xml6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"qmake6"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"qmake6-bin"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"qt6-base-dev-tools"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"qt6-gtk-platformtheme"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"qt6-qpa-plugins"},{"binary_version":"6.2.4+dfsg-2ubuntu1.1","binary_name":"qt6-xdgdesktopportal-platformtheme"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qtbase-opensource-src-gles","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/qtbase-opensource-src-gles?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.2+dfsg-4","5.15.2+dfsg-5","5.15.3+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.3+dfsg-1","binary_name":"libqt5gui5-gles"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qt6-base","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/qt6-base?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.4.2+dfsg-18","6.4.2+dfsg-19","6.4.2+dfsg-19build1","6.4.2+dfsg-20","6.4.2+dfsg-21","6.4.2+dfsg-21.1build4","6.4.2+dfsg-21.1build5"],"ecosystem_specific":{"binaries":[{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6concurrent6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6core6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6dbus6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6gui6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6network6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6opengl6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6openglwidgets6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6printsupport6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6sql6-ibase"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6sql6-mysql"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6sql6-odbc"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6sql6-psql"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6sql6-sqlite"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6sql6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6test6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6widgets6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"libqt6xml6t64"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qmake6"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qmake6-bin"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qt6-base-dev-tools"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qt6-base-doc-html"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qt6-base-examples"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qt6-gtk-platformtheme"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qt6-qpa-plugins"},{"binary_version":"6.4.2+dfsg-21.1build5","binary_name":"qt6-xdgdesktopportal-platformtheme"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qtbase-opensource-src-gles","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/qtbase-opensource-src-gles?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.10+dfsg-2","5.15.10+dfsg-3","5.15.12+dfsg-1","5.15.12+dfsg-1ubuntu1","5.15.12+dfsg-1ubuntu2","5.15.13+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.13+dfsg-1","binary_name":"libqt5gui5-gles"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qt6-base","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/qt6-base?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.8.3+dfsg-0ubuntu2","6.8.3+dfsg-0ubuntu3","6.9.2+dfsg-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6concurrent6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6core6t64"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6dbus6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6gui6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6network6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6opengl6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6openglwidgets6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6printsupport6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6sql6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6sql6-ibase"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6sql6-mysql"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6sql6-odbc"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6sql6-psql"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6sql6-sqlite"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6test6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6widgets6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"libqt6xml6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qmake6"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qmake6-bin"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qt6-base-dev-tools"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qt6-base-doc-html"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qt6-base-examples"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qt6-gtk-platformtheme"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qt6-qpa-plugins"},{"binary_version":"6.9.2+dfsg-1ubuntu1","binary_name":"qt6-xdgdesktopportal-platformtheme"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qtbase-opensource-src-gles","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/qtbase-opensource-src-gles?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.15+dfsg-2","5.15.17+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.17+dfsg-1","binary_name":"libqt5gui5-gles"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qt6-base","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/qt6-base?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.9.2+dfsg-1ubuntu1","6.9.2+dfsg-2","6.9.2+dfsg-3ubuntu1","6.9.2+dfsg-3ubuntu2","6.9.2+dfsg-4","6.10.2+dfsg-3","6.10.2+dfsg-6","6.10.2+dfsg-7"],"ecosystem_specific":{"binaries":[{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6concurrent6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6core6t64"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6dbus6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6gui6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6network6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6opengl6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6openglwidgets6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6printsupport6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6sql6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6sql6-ibase"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6sql6-mysql"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6sql6-odbc"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6sql6-psql"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6sql6-sqlite"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6test6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6waylandclient6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6widgets6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6wlshellintegration6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"libqt6xml6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qmake6"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qmake6-bin"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qt6-base-dev-tools"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qt6-base-doc-html"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qt6-base-examples"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qt6-gtk-platformtheme"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qt6-qpa-plugins"},{"binary_version":"6.10.2+dfsg-7","binary_name":"qt6-xdgdesktopportal-platformtheme"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}},{"package":{"name":"qtbase-opensource-src-gles","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/qtbase-opensource-src-gles?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.15.17+dfsg-1","5.15.17+dfsg-2","5.15.18+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.18+dfsg-1","binary_name":"libqt5gui5-gles"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3512.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/U:Clear"},{"type":"Ubuntu","score":"medium"}]}