Issued:: 2025-07-08
Updated:: 2025-07-08

RHSA-2025:10613 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: jq security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for jq is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text.

Security Fix(es):

jq: jq has signed integer overflow in jv.c:jvp_array_write (CVE-2024-23337)
jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (CVE-2025-48060)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

BZ - 2367807 - CVE-2024-23337 jq: jq has signed integer overflow in jv.c:jvp_array_write
BZ - 2367842 - CVE-2025-48060 jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
x86_64
jq-1.6-16.el9_4.1.i686.rpm	SHA-256: 7327ea2a481617bd47e4acdaaabf2c80bc7f90f0bec07ad9d3eba72c43a2c598
jq-1.6-16.el9_4.1.x86_64.rpm	SHA-256: 3e749ba6c201f63359c663fe8b7463e28897172d79bdc6db9216693562c1cfe2
jq-debuginfo-1.6-16.el9_4.1.i686.rpm	SHA-256: 12ff2464a141f83b0f97d2186e210b6327fcf27421fb2846f9fbccc9e8139031
jq-debuginfo-1.6-16.el9_4.1.x86_64.rpm	SHA-256: 715bc02e65586c38134e5ffe31335a471406b1e71e1835e1dd811d079561b76b
jq-debugsource-1.6-16.el9_4.1.i686.rpm	SHA-256: 732959a15f4ae3aa266c1ead83b7bbac90fcdc12d0f8960edee0a00fd699594c
jq-debugsource-1.6-16.el9_4.1.x86_64.rpm	SHA-256: a8627d9a9be16cde6e24e21f876b083e56654fe1790776e3de0355004dca435e

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
x86_64
jq-1.6-16.el9_4.1.i686.rpm	SHA-256: 7327ea2a481617bd47e4acdaaabf2c80bc7f90f0bec07ad9d3eba72c43a2c598
jq-1.6-16.el9_4.1.x86_64.rpm	SHA-256: 3e749ba6c201f63359c663fe8b7463e28897172d79bdc6db9216693562c1cfe2
jq-debuginfo-1.6-16.el9_4.1.i686.rpm	SHA-256: 12ff2464a141f83b0f97d2186e210b6327fcf27421fb2846f9fbccc9e8139031
jq-debuginfo-1.6-16.el9_4.1.x86_64.rpm	SHA-256: 715bc02e65586c38134e5ffe31335a471406b1e71e1835e1dd811d079561b76b
jq-debugsource-1.6-16.el9_4.1.i686.rpm	SHA-256: 732959a15f4ae3aa266c1ead83b7bbac90fcdc12d0f8960edee0a00fd699594c
jq-debugsource-1.6-16.el9_4.1.x86_64.rpm	SHA-256: a8627d9a9be16cde6e24e21f876b083e56654fe1790776e3de0355004dca435e

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
s390x
jq-1.6-16.el9_4.1.s390x.rpm	SHA-256: e9c1c47c6a90b81a38d67c178de4c86ec1df2e0e4d3091b609231d5de69064a3
jq-debuginfo-1.6-16.el9_4.1.s390x.rpm	SHA-256: 87cf53e3def7fe6812c0a2c8cc36cb4ac1e75fda8d029625bf0a02c12c0967bc
jq-debugsource-1.6-16.el9_4.1.s390x.rpm	SHA-256: 15bb3e18ad85a37a601de7b35de51a80d634043ecdcd322266eae5a59487abf7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
ppc64le
jq-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: e0ef490a44ca20c55a472ad35f12cbef0fd87957602e78a502e9107675d14728
jq-debuginfo-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: 8a4c1188a17a3cb8ecd11870e4eda206d3fef70a3301abe2e0d5488a9174b88e
jq-debugsource-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: 50dccfbcb74de20d19640ae37032a4d987d927a5be61a3008b57e7eda8535124

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
aarch64
jq-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 7315f8a469034ab5afd8ba9d010dbd10c42fe13aeaf020efc4964c51ed9188ca
jq-debuginfo-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 0bbfe4a8404a81d2b6d88a16270867111931710eac8a9cd8473144a2dab8289b
jq-debugsource-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 163c3d04576ba302cf7f05422ec1f28f4ef65e3411e429e464ef8fe22a52d74b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
ppc64le
jq-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: e0ef490a44ca20c55a472ad35f12cbef0fd87957602e78a502e9107675d14728
jq-debuginfo-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: 8a4c1188a17a3cb8ecd11870e4eda206d3fef70a3301abe2e0d5488a9174b88e
jq-debugsource-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: 50dccfbcb74de20d19640ae37032a4d987d927a5be61a3008b57e7eda8535124

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
x86_64
jq-1.6-16.el9_4.1.i686.rpm	SHA-256: 7327ea2a481617bd47e4acdaaabf2c80bc7f90f0bec07ad9d3eba72c43a2c598
jq-1.6-16.el9_4.1.x86_64.rpm	SHA-256: 3e749ba6c201f63359c663fe8b7463e28897172d79bdc6db9216693562c1cfe2
jq-debuginfo-1.6-16.el9_4.1.i686.rpm	SHA-256: 12ff2464a141f83b0f97d2186e210b6327fcf27421fb2846f9fbccc9e8139031
jq-debuginfo-1.6-16.el9_4.1.x86_64.rpm	SHA-256: 715bc02e65586c38134e5ffe31335a471406b1e71e1835e1dd811d079561b76b
jq-debugsource-1.6-16.el9_4.1.i686.rpm	SHA-256: 732959a15f4ae3aa266c1ead83b7bbac90fcdc12d0f8960edee0a00fd699594c
jq-debugsource-1.6-16.el9_4.1.x86_64.rpm	SHA-256: a8627d9a9be16cde6e24e21f876b083e56654fe1790776e3de0355004dca435e

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4

SRPM
x86_64
jq-debuginfo-1.6-16.el9_4.1.i686.rpm	SHA-256: 12ff2464a141f83b0f97d2186e210b6327fcf27421fb2846f9fbccc9e8139031
jq-debuginfo-1.6-16.el9_4.1.x86_64.rpm	SHA-256: 715bc02e65586c38134e5ffe31335a471406b1e71e1835e1dd811d079561b76b
jq-debugsource-1.6-16.el9_4.1.i686.rpm	SHA-256: 732959a15f4ae3aa266c1ead83b7bbac90fcdc12d0f8960edee0a00fd699594c
jq-debugsource-1.6-16.el9_4.1.x86_64.rpm	SHA-256: a8627d9a9be16cde6e24e21f876b083e56654fe1790776e3de0355004dca435e
jq-devel-1.6-16.el9_4.1.i686.rpm	SHA-256: e00ba2fbc6173e27a83e250299cb6ed29dd5483f8cf3568b396a5fbc20de4a45
jq-devel-1.6-16.el9_4.1.x86_64.rpm	SHA-256: baae6e1d6a13083e28d4c0deaac5bcd11e7631c762a720e46d233013f831be77

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4

SRPM
ppc64le
jq-debuginfo-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: 8a4c1188a17a3cb8ecd11870e4eda206d3fef70a3301abe2e0d5488a9174b88e
jq-debugsource-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: 50dccfbcb74de20d19640ae37032a4d987d927a5be61a3008b57e7eda8535124
jq-devel-1.6-16.el9_4.1.ppc64le.rpm	SHA-256: 78ba900e4e6b0797c21f3d47568d5da5a770cc0b9937692e9a7b00526572dfb3

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4

SRPM
s390x
jq-debuginfo-1.6-16.el9_4.1.s390x.rpm	SHA-256: 87cf53e3def7fe6812c0a2c8cc36cb4ac1e75fda8d029625bf0a02c12c0967bc
jq-debugsource-1.6-16.el9_4.1.s390x.rpm	SHA-256: 15bb3e18ad85a37a601de7b35de51a80d634043ecdcd322266eae5a59487abf7
jq-devel-1.6-16.el9_4.1.s390x.rpm	SHA-256: 2e82b0153d9e82fbdb8c4454d09e59de8d7017b5421853ce6c9a0e9988cb38cd

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4

SRPM
aarch64
jq-debuginfo-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 0bbfe4a8404a81d2b6d88a16270867111931710eac8a9cd8473144a2dab8289b
jq-debugsource-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 163c3d04576ba302cf7f05422ec1f28f4ef65e3411e429e464ef8fe22a52d74b
jq-devel-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 8d44f1a9c4991cf37198a6eeb44a60ccb6359842fe397aae4307734b28dc062a

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
aarch64
jq-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 7315f8a469034ab5afd8ba9d010dbd10c42fe13aeaf020efc4964c51ed9188ca
jq-debuginfo-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 0bbfe4a8404a81d2b6d88a16270867111931710eac8a9cd8473144a2dab8289b
jq-debugsource-1.6-16.el9_4.1.aarch64.rpm	SHA-256: 163c3d04576ba302cf7f05422ec1f28f4ef65e3411e429e464ef8fe22a52d74b

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
jq-1.6-16.el9_4.1.src.rpm	SHA-256: 7e6fbe8cf019a12313e45f03e570ddb143996d960b18a3ccfbc37e57ed6dc777
s390x
jq-1.6-16.el9_4.1.s390x.rpm	SHA-256: e9c1c47c6a90b81a38d67c178de4c86ec1df2e0e4d3091b609231d5de69064a3
jq-debuginfo-1.6-16.el9_4.1.s390x.rpm	SHA-256: 87cf53e3def7fe6812c0a2c8cc36cb4ac1e75fda8d029625bf0a02c12c0967bc
jq-debugsource-1.6-16.el9_4.1.s390x.rpm	SHA-256: 15bb3e18ad85a37a601de7b35de51a80d634043ecdcd322266eae5a59487abf7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation