CVE-2024-53427

一、漏洞信息
 漏洞编号：[CVE-2024-53427](https://nvd.nist.gov/vuln/detail/CVE-2024-53427)
 漏洞归属组件：[jq](https://gitee.com/src-openeuler/jq)
 漏洞归属的版本：1.5,1.7.1
 CVSS V3.0分值：
  BaseScore：8.1 High
  Vector：CVSS：3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
 漏洞简述：
  decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g.,  1 NaN123  immediately followed by many more digits).
 漏洞公开时间：2025-02-27 00:15:16
 漏洞创建时间：2025-02-27 00:48:36
 漏洞详情参考链接：
  https://nvd.nist.gov/vuln/detail/CVE-2024-53427
<details>
<summary>更多参考(点击展开)</summary>

| 参考来源 | 参考链接 | 来源链接 |
| ------- | -------- | -------- |
| cve.mitre.org | https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92 |  |
| cve.mitre.org | https://github.com/jqlang/jq/blob/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297/src/decNumber/decNumber.c#L3375 |  |
| cve.mitre.org | https://github.com/jqlang/jq/issues/3196 |  |
| cve.mitre.org | https://github.com/jqlang/jq/issues/3296 |  |
| cve.mitre.org | https://github.com/jqlang/jq/security/advisories/GHSA-x6c3-qv5r-7q22 |  |
| suse_bugzilla | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-53427 | https://bugzilla.suse.com/show_bug.cgi?id=1238078 |
| suse_bugzilla | https://bugzilla.redhat.com/show_bug.cgi?id=2348420 | https://bugzilla.suse.com/show_bug.cgi?id=1238078 |
| debian |  | https://security-tracker.debian.org/tracker/CVE-2024-53427 |
| anolis |  | https://anas.openanolis.cn/cves/detail/CVE-2024-53427 |

</details>

漏洞分析指导链接：
  https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
 漏洞数据来源:
  openBrain开源漏洞感知系统
 漏洞补丁信息：
  <details>
<summary>详情(点击展开)</summary>

无
</details>

二、漏洞分析结构反馈
 影响性分析说明：
  decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g.,  1 NaN123  immediately followed by many more digits).
 openEuler评分：
  8.1
 Vector：CVSS：3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
 受影响版本排查(受影响/不受影响)：
  1.master:受影响
2.openEuler-20.03-LTS-SP4:不受影响
3.openEuler-22.03-LTS-SP3(1.6):不受影响
4.openEuler-22.03-LTS-SP4(1.6):不受影响
5.openEuler-24.03-LTS(1.6):不受影响
6.openEuler-24.03-LTS-Next(1.6):不受影响
7.openEuler-24.03-LTS-SP1(1.6):不受影响
8.openEuler-24.03-LTS-SP2(1.6):不受影响

修复是否涉及abi变化(是/否)：
  1.master:否
2.openEuler-20.03-LTS-SP4:否
3.openEuler-22.03-LTS-SP3(1.6):否
4.openEuler-22.03-LTS-SP4(1.6):否
5.openEuler-24.03-LTS(1.6):否
6.openEuler-24.03-LTS-Next(1.6):否
7.openEuler-24.03-LTS-SP1(1.6):否
8.openEuler-24.03-LTS-SP2(1.6):否

原因说明：
  1.master:正常修复
2.openEuler-20.03-LTS-SP4:不受影响-漏洞代码不存在
3.openEuler-22.03-LTS-SP3(1.6):不受影响-漏洞代码不存在
4.openEuler-22.03-LTS-SP4(1.6):不受影响-漏洞代码不存在
5.openEuler-24.03-LTS(1.6):不受影响-漏洞代码不存在
6.openEuler-24.03-LTS-Next(1.6):不受影响-漏洞代码不存在
7.openEuler-24.03-LTS-SP1(1.6):不受影响-漏洞代码不存在
8.openEuler-24.03-LTS-SP2(1.6):不受影响-漏洞代码不存在

src-openEuler/jq

内容风险标识

评论 (12)

src-openEuler/jq .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2024-53427

评论 (12)

搜索帮助

src-openEuler/jq