Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 564
Alerts This Week
Warning Icon 1 564

Oracle Linux 10 jq Important Denial of Service Fix ELSA-2026-19151

oracle
Calendar Grey July 17, 2026
Scroller Oracle
Oracle Linux 10 has important updates for jq, addressing denial of service vulnerabilities related to crafted JSON objects.
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[1.7.1-13] - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions [1.7.1-12] - Fix CVE-2026-39979 out-of-bounds read in jv_parse_sized()

SRPMs

http://oss.oracle.com/ol10/SRPMS-updates/jq-1.7.1-11.el10_2.2.src.rpm

x86_64

jq-1.7.1-11.el10_2.2.x86_64.rpm jq-devel-1.7.1-11.el10_2.2.x86_64.rpm

aarch64

jq-1.7.1-11.el10_2.2.aarch64.rpm jq-devel-1.7.1-11.el10_2.2.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-39979 CVE-2026-40164

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.