Alerts This Week
Warning Icon 1 1,295
Alerts This Week
Warning Icon 1 1,295

Oracle Linux 10: ELSA-2025-12882 jq Moderate Integer Buffer Overflow

oracle
Calendar Grey August 5, 2025
Oracle Linux Logo Esm H88
Updates for jq in Oracle Linux 10 address critical issues including buffer overflow and integer overflow vulnerabilities.
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[1.7.1-8.el10_0.1] - jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337) - jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

SRPMs

http://oss.oracle.com/ol10/SRPMS-updates/jq-1.7.1-8.el10_0.1.src.rpm

x86_64

jq-1.7.1-8.el10_0.1.x86_64.rpm jq-devel-1.7.1-8.el10_0.1.x86_64.rpm

aarch64

jq-1.7.1-8.el10_0.1.aarch64.rpm jq-devel-1.7.1-8.el10_0.1.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2024-23337 CVE-2025-48060

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here