ГлавнаяУязвимости → CVE-2025-5222
7высокая

CVE-2025-5222

→ есть в БДУ: BDU:2025-10931 (на русском)
Описание (на английском; русское — в БДУ выше)

A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.

Затрагиваемое ПО
Unicode International components for unicode
CVSS
Балл7 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2025:11888https://access.redhat.com/errata/RHSA-2025:12083https://access.redhat.com/errata/RHSA-2025:12331https://access.redhat.com/errata/RHSA-2025:12332https://access.redhat.com/errata/RHSA-2025:12333https://access.redhat.com/security/cve/CVE-2025-5222https://bugzilla.redhat.com/show_bug.cgi?id=2368600https://unicode-org.atlassian.net/jira/software/c/projects/ICU/issues/ICU-22957