1329982 – (CVE-2016-4074) CVE-2016-4074 jq: stack exhaustion via jv_dump_term() function

Bug 1329982 (CVE-2016-4074) - CVE-2016-4074 jq: stack exhaustion via jv_dump_term() function

Summary: CVE-2016-4074 jq: stack exhaustion via jv_dump_term() function

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2016-4074
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1416711 1329986 1329987 1329988 1331210 1331211 1331212 1331213
Blocks:	1328751
TreeView+	depends on / blocked

Reported:	2016-04-25 08:41 UTC by Martin Prpič
Modified:	2025-04-17 20:01 UTC (History)
CC List:	27 users (show)
Fixed In Version:	jq 1.6
Clone Of:
Environment:
Last Closed:	2016-05-06 02:43:31 UTC
Embargoed:

Attachments	(Terms of Use)

Description Martin Prpič 2016-04-25 08:41:38 UTC

The following flaw was reported in jq:

A crash caused by stack exhaustion parsing a JSON was found. It affects, at least version 1.5 as well as the last git revision. Technical details and a reproducer are available here:

https://github.com/stedolan/jq/issues/1136

Note that this flaw can only be exloited in a service that accepts untrusted JSON files, as explained by MITRE:

http://seclists.org/oss-sec/2016/q2/141

Comment 1 Martin Prpič 2016-04-25 08:42:24 UTC

Created jq tracking bugs for this issue:

Affects: fedora-all [bug 1329986]
Affects: epel-6 [bug 1329987]
Affects: epel-7 [bug 1329988]

Note You need to log in before you can comment on or make changes to this bug.

abaron
aortega
apevec
ayoung
chrisw
dallan
eglynn
fpercoco
gkotton
jhrozek
jjoyce
jschluet
lhh
lpeer
lsvaty
markmc
mburns
mgarciac
pgrist
rbryant
rhos-maint
rhos-maint
sardella
sclewis
slong
spoore
tdecacqu