CVE-2024-53427

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Feb 26, 2025
Updated: Mar 2, 2025
CWE ID 843

Summary

CVE-2024-53427 affects jq versions up to 1.7.1. The flaw is in the decNumberCopy function in decNumber.c, which does not account for NaN being interpreted as a numeric value. The result is a stack-based buffer overflow and out-of-bounds write. Crafted input, such as a digit string containing NaN, can trigger the issue when jq is run with the --slurp option and a subtraction filter such as .-. is applied. An attacker could exploit this weakness to execute arbitrary code or cause a denial-of-service condition. Users of jq 1.7.1 and below are advised to update their packages. In the interim, it is strongly recommended to avoid using the --slurp option with subtraction filters on inputs containing NaN values.
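One way to apply the interim advice is to screen input before it reaches an affected jq build. The sketch below is an added example, not code from jq or from this advisory: the function names are hypothetical, the sample inputs are constructed, and matching NaN case-insensitively with an optional sign is a conservative assumption.

```python
import re

# Bare NaN token with optional sign and trailing digits, i.e. the
# "digit string containing NaN" form named in the summary.
# Case-insensitive matching is a conservative assumption.
NAN_TOKEN = re.compile(r"[+-]?nan\d*", re.IGNORECASE)

AFFECTED_MAX = (1, 7, 1)  # the advisory lists jq versions up to 1.7.1


def is_affected(version_output):
    """Check a `jq --version` string such as 'jq-1.7.1' against the affected range."""
    parts = tuple(int(p) for p in re.findall(r"\d+", version_output)[:3])
    return bool(parts) and parts <= AFFECTED_MAX


def find_nan_literals(text):
    """Return (offset, token) for every NaN literal outside JSON strings.

    "NaN" inside a quoted string is ordinary text and is skipped.
    """
    hits, i, in_string = [], 0, False
    while i < len(text):
        ch = text[i]
        if in_string:
            if ch == "\\":          # skip the escaped character, e.g. \"
                i += 2
                continue
            in_string = ch != '"'   # an unescaped quote closes the string
            i += 1
        elif ch == '"':
            in_string = True
            i += 1
        else:
            m = NAN_TOKEN.match(text, i)
            if m:
                hits.append((m.start(), m.group()))
                i = m.end()
            else:
                i += 1
    return hits


def safe_for_slurp_subtract(text, version_output):
    """False when an affected jq would receive input containing a NaN literal."""
    return not (is_affected(version_output) and find_nan_literals(text))


if __name__ == "__main__":
    for sample in ('{"note": "NaN"}', "[1, NaN]"):  # constructed inputs
        print(sample, safe_for_slurp_subtract(sample, "jq-1.7.1"))
```

Inputs that fail the check can be rejected or routed to a patched jq build rather than processed with --slurp and a subtraction filter.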
