Description
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz);`. As of time of publication, no patched versions are available.
A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service.
Report
To exploit this flaw, an attacker needs to trick a user into processing a specially crafted JSON input, which triggers a buffer over-read of 2 bytes and crashes jq with no other security impact. For these reasons, this flaw has been rated with a Moderate severity.
Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-126: Buffer Over-read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. Memory access boundaries are enforced through secure coding practices, including bounds checking and automated detection of over-read conditions during development. Static analysis and peer reviews catch improper memory handling early, reducing the risk of vulnerabilities reaching production. Memory protection mechanisms restrict access to allocated regions at runtime, and process isolation contains memory faults within the affected workload. Additionally, a defense-in-depth monitoring strategy supports real-time detection of anomalous memory activity, enabling rapid response and limiting potential impact.
Mitigation
Do not process untrusted input with the jq command line JSON processor.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Ansible Automation Platform 2 | automation-controller | Affected | | |
Red Hat Ceph Storage 4 | jq | Affected | | |
Red Hat Enterprise Linux 10 | jq | Fixed | RHSA-2025:12882 | 05.08.2025 |
Red Hat Enterprise Linux 8 | jq | Fixed | RHSA-2025:10618 | 08.07.2025 |
Red Hat Enterprise Linux 8.2 Advanced Update Support | jq | Fixed | RHSA-2025:10622 | 08.07.2025 |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | jq | Fixed | RHSA-2025:10621 | 08.07.2025 |
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | jq | Fixed | RHSA-2025:10620 | 08.07.2025 |
Additional information
Status:
EPSS
5.5 Medium
CVSS3
Related vulnerabilities
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz);`. As of time of publication, no patched versions are available.
jq is a command-line JSON processor. In versions up to and including 1 ...
Vulnerability in the jv_string_vfmt function of the jq functional programming language that allows an attacker to cause a denial of service