Home

Description

When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile.This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1. This is fixed in 6.8.4 and 6.9.2.

PUBLISHED Reserved 2025-06-11 | Published 2025-07-11 | Updated 2025-07-11 | Assigner TQtC




LOW: 2.3CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L

Problem types

CWE-20 Improper Input Validation

Product status

Default status
unaffected

6.0.0 (python) before 6.6.0
unaffected

6.6.0 (python)
affected

6.8.4 (python)
unaffected

6.9.0 (python)
affected

6.9.2 (python)
unaffected

Credits

OSS-Fuzz finder

References

codereview.qt-project.org/c/qt/qtbase/+/647919

cve.org (CVE-2025-5992)

nvd.nist.gov (CVE-2025-5992)

Download JSON