CVE-2025-5222
EUVD-2025-1630627.05.2025, 21:15
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| unicode | international_components_for_unicode | 𝑥 < 77.1 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | SIDIS Secured SmartPlug | 𝑥 < V7.26.0310 | ADP |
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libicu-devel |
| ||||||||||||||||||||||
| libicu-doc |
| ||||||||||||||||||||||
| libicu-suse65_1 |
| ||||||||||||||||||||||
| libicu-suse65_1-32bit |
| ||||||||||||||||||||||
| libicu52_1 |
| ||||||||||||||||||||||
| libicu52_1-32bit |
| ||||||||||||||||||||||
| libicu52_1-data |
| ||||||||||||||||||||||
| libicu60_2 |
| ||||||||||||||||||||||
| libicu60_2-bedata |
| ||||||||||||||||||||||
| libicu60_2-ledata |
| ||||||||||||||||||||||
| libicu65_1-bedata |
| ||||||||||||||||||||||
| libicu65_1-ledata |
|
Red Hat Enterprise Linux Releases
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| icu |
| ||||
| icu-debuginfo |
| ||||
| icu-debugsource |
| ||||
| libicu |
| ||||
| libicu-debuginfo |
| ||||
| libicu-devel |
| ||||
| libicu-devel-debuginfo |
| ||||
| libicu-doc |
| ||||
| libicu60 |
| ||||
| libicu60-debuginfo |
| ||||
| libicu60-devel |
| ||||
| libicu60-doc |
|
Azure Linux Releases
References