{ "threat_severity" : "Moderate", "public_date" : "2025-05-21T14:34:51Z", "bugzilla" : { "description" : "jq: jq has signed integer overflow in jv.c:jvp_array_write", "id" : "2367807", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2367807" }, "cvss3" : { "cvss3_base_score" : "4.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "status" : "verified" }, "cwe" : "CWE-190", "details" : [ "jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue.", "A flaw was found in jq, a command line JSON processor. An integer overflow can occur when attempting to assign a value using an array index of 2147483647 or when creating an array with 2147483647 elements, the maximum value for a 32-bit signed integer. This issue causes out-of-bounds memory access and results in a denial of service." ], "statement" : "To exploit this flaw, an attacker needs to trick a user into processing a specially crafted JSON input, allowing an attacker to trigger an integer overflow and cause a crash in jq with no other security impact. Due to these reasons, this flaw has been rated with a Moderate severity.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2025-08-05T00:00:00Z", "advisory" : "RHSA-2025:12882", "cpe" : "cpe:/o:redhat:enterprise_linux:10.0", "package" : "jq-0:1.7.1-8.el10_0.1" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10618", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "jq-0:1.6-11.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10622", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "jq-0:1.5-12.el8_2.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10621", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "jq-0:1.5-12.el8_4.4" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10620", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "jq-0:1.6-3.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10620", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.6", "package" : "jq-0:1.6-3.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10620", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "jq-0:1.6-3.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10620", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "jq-0:1.6-3.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10619", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "jq-0:1.6-6.el8_8.3" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10619", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "jq-0:1.6-6.el8_8.3" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10585", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "jq-0:1.6-17.el9_6.2" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10616", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "jq-0:1.6-12.el9_0.1" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10615", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "jq-0:1.6-15.el9_2.2" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-07-08T00:00:00Z", "advisory" : "RHSA-2025:10613", "cpe" : "cpe:/o:redhat:rhel_eus:9.4", "package" : "jq-0:1.6-16.el9_4.1" } ], "package_state" : [ { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Fix deferred", "package_name" : "automation-controller", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ceph Storage 4", "fix_state" : "Fix deferred", "package_name" : "jq", "cpe" : "cpe:/a:redhat:ceph_storage:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Fix deferred", "package_name" : "rhcos", "cpe" : "cpe:/a:redhat:openshift:4" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-23337\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-23337\nhttps://github.com/jqlang/jq/commit/de21386681c0df0104a99d9d09db23a9b2a78b1e\nhttps://github.com/jqlang/jq/issues/3262\nhttps://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46" ], "name" : "CVE-2024-23337", "mitigation" : { "value" : "Do not process untrusted input with the jq command line JSON processor.", "lang" : "en:us" }, "csaw" : false }