Security update for jq SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02915-1 Final 1 1 2025-08-19T12:56:53Z current 2025-08-19T12:56:53Z 2025-08-19T12:56:53Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for jq This update for jq fixes the following issues: - CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (bsc#1244116) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container containers/suse-ai-observability-extension-setup:1-2025-2915,Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest-2025-2915,Container suse/sle-micro-rancher/5.2:latest-2025-2915,Container suse/sle-micro-rancher/5.3:latest-2025-2915,Container suse/sle-micro-rancher/5.4:latest-2025-2915,Container suse/sle-micro/5.5:latest-2025-2915,Image SLES15-SP6-CHOST-BYOS-2025-2915,Image SLES15-SP6-CHOST-BYOS-Aliyun-2025-2915,Image SLES15-SP6-CHOST-BYOS-Azure-2025-2915,Image SLES15-SP6-CHOST-BYOS-EC2-2025-2915,Image SLES15-SP6-CHOST-BYOS-GCE-2025-2915,Image SLES15-SP6-CHOST-BYOS-GDC-2025-2915,Image SLES15-SP6-CHOST-BYOS-SAP-CCloud-2025-2915,Image ai_15_6-2025-2915,SUSE-2025-2915,SUSE-SLE-Micro-5.3-2025-2915,SUSE-SLE-Micro-5.4-2025-2915,SUSE-SLE-Micro-5.5-2025-2915,SUSE-SLE-Module-Basesystem-15-SP6-2025-2915,SUSE-SLE-Module-Basesystem-15-SP7-2025-2915,SUSE-SUSE-MicroOS-5.1-2025-2915,SUSE-SUSE-MicroOS-5.2-2025-2915,openSUSE-SLE-15.6-2025-2915 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502915-1/ Link for SUSE-SU-2025:02915-1 https://lists.suse.com/pipermail/sle-updates/2025-August/041291.html E-Mail link for SUSE-SU-2025:02915-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1244116 SUSE Bug 1244116 https://www.suse.com/security/cve/CVE-2025-48060/ SUSE CVE CVE-2025-48060 page Container containers/suse-ai-observability-extension-setup:1 Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest Container suse/sle-micro-rancher/5.2:latest Container suse/sle-micro-rancher/5.3:latest Container suse/sle-micro-rancher/5.4:latest Container suse/sle-micro/5.5:latest Image SLES15-SP6-CHOST-BYOS Image SLES15-SP6-CHOST-BYOS-Aliyun Image SLES15-SP6-CHOST-BYOS-Azure Image SLES15-SP6-CHOST-BYOS-EC2 Image SLES15-SP6-CHOST-BYOS-GCE Image SLES15-SP6-CHOST-BYOS-GDC Image SLES15-SP6-CHOST-BYOS-SAP-CCloud Image ai_15_6 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 openSUSE Leap 15.6 jq-1.6-150000.3.9.1 libjq1-1.6-150000.3.9.1 libjq-devel-1.6-150000.3.9.1 jq-1.6-150000.3.9.1 as a component of Container containers/suse-ai-observability-extension-setup:1 libjq1-1.6-150000.3.9.1 as a component of Container containers/suse-ai-observability-extension-setup:1 jq-1.6-150000.3.9.1 as a component of Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest libjq1-1.6-150000.3.9.1 as a component of Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest jq-1.6-150000.3.9.1 as a component of Container suse/sle-micro-rancher/5.2:latest libjq1-1.6-150000.3.9.1 as a component of Container suse/sle-micro-rancher/5.2:latest jq-1.6-150000.3.9.1 as a component of Container suse/sle-micro-rancher/5.3:latest libjq1-1.6-150000.3.9.1 as a component of Container suse/sle-micro-rancher/5.3:latest jq-1.6-150000.3.9.1 as a component of Container suse/sle-micro-rancher/5.4:latest libjq1-1.6-150000.3.9.1 as a component of Container suse/sle-micro-rancher/5.4:latest jq-1.6-150000.3.9.1 as a component of Container suse/sle-micro/5.5:latest libjq1-1.6-150000.3.9.1 as a component of Container suse/sle-micro/5.5:latest jq-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS libjq1-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS jq-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-Aliyun libjq1-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-Aliyun jq-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-Azure libjq1-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-Azure jq-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-EC2 libjq1-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-EC2 jq-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-GCE libjq1-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-GCE jq-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-GDC libjq1-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-GDC jq-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-SAP-CCloud libjq1-1.6-150000.3.9.1 as a component of Image SLES15-SP6-CHOST-BYOS-SAP-CCloud jq-1.6-150000.3.9.1 as a component of Image ai_15_6 libjq1-1.6-150000.3.9.1 as a component of Image ai_15_6 jq-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.1 libjq1-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.1 jq-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.2 libjq1-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.2 jq-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.3 libjq1-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.3 jq-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.4 libjq1-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.4 jq-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.5 libjq1-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Micro 5.5 jq-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libjq-devel-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libjq1-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 jq-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libjq-devel-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libjq1-1.6-150000.3.9.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 jq-1.6-150000.3.9.1 as a component of openSUSE Leap 15.6 libjq-devel-1.6-150000.3.9.1 as a component of openSUSE Leap 15.6 libjq1-1.6-150000.3.9.1 as a component of openSUSE Leap 15.6 jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz);`. As of time of publication, no patched versions are available. CVE-2025-48060 Container containers/suse-ai-observability-extension-setup:1:jq-1.6-150000.3.9.1 Container containers/suse-ai-observability-extension-setup:1:libjq1-1.6-150000.3.9.1 Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:jq-1.6-150000.3.9.1 Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:libjq1-1.6-150000.3.9.1 Container suse/sle-micro-rancher/5.2:latest:jq-1.6-150000.3.9.1 Container suse/sle-micro-rancher/5.2:latest:libjq1-1.6-150000.3.9.1 Container suse/sle-micro-rancher/5.3:latest:jq-1.6-150000.3.9.1 Container suse/sle-micro-rancher/5.3:latest:libjq1-1.6-150000.3.9.1 Container suse/sle-micro-rancher/5.4:latest:jq-1.6-150000.3.9.1 Container suse/sle-micro-rancher/5.4:latest:libjq1-1.6-150000.3.9.1 Container suse/sle-micro/5.5:latest:jq-1.6-150000.3.9.1 Container suse/sle-micro/5.5:latest:libjq1-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-Aliyun:jq-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-Aliyun:libjq1-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-Azure:jq-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-Azure:libjq1-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-EC2:jq-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-EC2:libjq1-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-GCE:jq-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-GCE:libjq1-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-GDC:jq-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-GDC:libjq1-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-SAP-CCloud:jq-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS-SAP-CCloud:libjq1-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS:jq-1.6-150000.3.9.1 Image SLES15-SP6-CHOST-BYOS:libjq1-1.6-150000.3.9.1 Image ai_15_6:jq-1.6-150000.3.9.1 Image ai_15_6:libjq1-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.1:jq-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.1:libjq1-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.2:jq-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.2:libjq1-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.3:jq-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.3:libjq1-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.4:jq-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.4:libjq1-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.5:jq-1.6-150000.3.9.1 SUSE Linux Enterprise Micro 5.5:libjq1-1.6-150000.3.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:jq-1.6-150000.3.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libjq-devel-1.6-150000.3.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libjq1-1.6-150000.3.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:jq-1.6-150000.3.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libjq-devel-1.6-150000.3.9.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libjq1-1.6-150000.3.9.1 openSUSE Leap 15.6:jq-1.6-150000.3.9.1 openSUSE Leap 15.6:libjq-devel-1.6-150000.3.9.1 openSUSE Leap 15.6:libjq1-1.6-150000.3.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502915-1/ https://www.suse.com/security/cve/CVE-2025-48060.html CVE-2025-48060 https://bugzilla.suse.com/1244116 SUSE Bug 1244116