Описание
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jv_string_vfmt in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void* p = malloc(sz);. As of time of publication, no patched versions are available.
A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service.
Отчет
To exploit this flaw, an attacker needs to trick a user into processing a specially crafted JSON input, allowing an attacker to trigger a buffer over-read of 2 bytes and cause a crash in jq with no other security impact. Due to these reasons, this flaw has been rated with a Moderate severity.
Меры по смягчению последствий
Do not process untrusted input with the jq command line JSON processor.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ansible Automation Platform 2 | automation-controller | Affected | ||
| Red Hat Ceph Storage 4 | jq | Out of support scope | ||
| Red Hat Enterprise Linux 10 | jq | Fixed | RHSA-2025:12882 | 05.08.2025 |
| Red Hat Enterprise Linux 8 | jq | Fixed | RHSA-2025:10618 | 08.07.2025 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | jq | Fixed | RHSA-2025:10622 | 08.07.2025 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | jq | Fixed | RHSA-2025:10621 | 08.07.2025 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
| Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz);`. As of time of publication, no patched versions are available.
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz);`. As of time of publication, no patched versions are available.
AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)
jq is a command-line JSON processor. In versions up to and including 1 ...
EPSS
5.5 Medium
CVSS3