Описание
Security update for icu
This update for icu fixes the following issues:
- CVE-2025-5222: Fixed stack buffer overflow in the SRBRoot:addTag function (bsc#1243721)
Список пакетов
SUSE Linux Enterprise Server 12 SP5-LTSS
libicu-devel-52.1-8.16.1
libicu-doc-52.1-8.16.1
libicu52_1-52.1-8.16.1
libicu52_1-32bit-52.1-8.16.1
libicu52_1-data-52.1-8.16.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
libicu-devel-52.1-8.16.1
libicu-doc-52.1-8.16.1
libicu52_1-52.1-8.16.1
libicu52_1-32bit-52.1-8.16.1
libicu52_1-data-52.1-8.16.1
Ссылки
- Link for SUSE-SU-2025:02216-1
- E-Mail link for SUSE-SU-2025:02216-1
- SUSE Security Ratings
- SUSE Bug 1243721
- SUSE CVE CVE-2025-5222 page
Описание
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:libicu-devel-52.1-8.16.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libicu-doc-52.1-8.16.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libicu52_1-32bit-52.1-8.16.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libicu52_1-52.1-8.16.1
Ссылки
- CVE-2025-5222
- SUSE Bug 1243721