CVE-2025-6338

Publication date 17 October 2025

Last updated 17 October 2025

Ubuntu priority

Description

There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
qt6-base	25.10 questing	Not affected
	25.04 plucky	Not affected
	24.04 LTS noble	Not affected
	22.04 LTS jammy	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2025-6338
https://codereview.qt-project.org/c/qt/qtbase/+/651495