エラータID: AXSA:2022-4173:02

Release date: 
Monday, November 28, 2022 - 07:36
Affected Channels: 
Asianux Server 8 for x86_64

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C and a small validating JSON generator.

Security Fix(es):

* yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at `yajl_buf.c#L64` may result in the `need` 32bit integer wrapping to 0 when `need` approaches a value of 0x80000000 (i.e. ~2GB of data), which results in a reallocation of buf->alloc into a small heap chunk. These integers are declared as `size_t` in the 2.x branch of `yajl`, which practically prevents the issue from triggering on 64bit platforms, however this does not preclude this issue triggering on 32bit builds on which `size_t` is a 32bit integer. Subsequent population of this under-allocated heap chunk is based on the original buffer size, leading to heap memory corruption. This vulnerability mostly impacts process availability. Maintainers believe exploitation for arbitrary code execution is unlikely. A patch is available and anticipated to be part of yajl-ruby version 1.4.2. As a workaround, avoid passing large inputs to YAJL.


Update packages.

Additional Info: 



  1. yajl-2.1.0-11.el8.src.rpm
    MD5: 0b07df9a8dcfe63cd49793c13164bf62
    SHA-256: 0e54a19cd3a210e32f3025884d6cd46eab808eccc95d26eca8cf9e741111db18
    Size: 96.25 kB

Asianux Server 8 for x86_64
  1. yajl-2.1.0-11.el8.x86_64.rpm
    MD5: 47f32b60b087cc86c090e05f8a4cf45d
    SHA-256: ca81ff0e96cf97219a48a971d6d1597a52d77139244a725355638117a9f804e8
    Size: 39.66 kB
  2. yajl-devel-2.1.0-11.el8.x86_64.rpm
    MD5: 3591467e8156c8452f9580869038f67c
    SHA-256: ccea2560173006493cc09b06094b8a050503066753b4aad466029df20e8da6ad
    Size: 18.00 kB
  3. yajl-2.1.0-11.el8.i686.rpm
    MD5: 67884daad34f649a06216679e8f684e7
    SHA-256: 0e0fca711944479652fc3f86d94734f0a251e00f33e49c48d584a174abcb2c18
    Size: 40.65 kB
  4. yajl-devel-2.1.0-11.el8.i686.rpm
    MD5: 5f102cd849620466ff7fcd11865a9688
    SHA-256: ecfd19bf47fbb4697ecd1f243a6387c1ea7e7d82f93b9390b0718cb25480b632
    Size: 18.03 kB