Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 24 Apr 2016 10:44:39 +0200
From: Gustavo Grieco <>
Subject: CVE Request: jq: stack exhaustion using jv_dump_term() function


A crash caused by stack exhaustion parsing a JSON was found. It affects, at
least version 1.5 as well as the last git revision. Technical details and a
reproducer are available here:

This crash was found by QuickFuzz working with Radamsa (that caused the
extreme mutation)


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ