Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2025-5222

Published: May 27, 2025Last modified: August 6, 2025

Description

A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.

Severity score breakdown

ParameterValue
Base score7
Attack VectorLOCAL
Attack complexityHIGH
Privileges requiredNONE
User interactionREQUIRED
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactHIGH
Availability impactHIGH
VectorCVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSicuVulnerable (72.1-r1)
25 LTSicuFixed (76.1-r1)
StreamicuFixed (76.1-r1)

References

ON THIS PAGE