http://bugs.icu-project.org/trac/changeset/36801

http://bugs.icu-project.org/trac/ticket/11371

[oss-security] 20150205 Re: CVE request - ICU

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

1035410

https://chromium.googlesource.com/chromium/deps/icu/+/dd727641e190d60e4593bcb3a35c7f51eb4925c5

https://code.google.com/p/chromium/issues/detail?id=432209

GLSA-201503-06

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

According to the versions of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - Unspecified vulnerability in the Java SE and Java SE     Embedded components in Oracle Java SE 6u105, 7u91, and     8u66 and Java SE Embedded 8u65 allows remote attackers     to affect confidentiality, integrity, and availability     via unknown vectors related to 2D.(CVE-2016-0494)

  - Unspecified vulnerability in Oracle Java SE 6u101,     7u85, and 8u60, and Java SE Embedded 8u51, allows     remote attackers to affect confidentiality, integrity,     and availability via unknown vectors related to     2D.(CVE-2015-4844)

  - Stack-based buffer overflow in the Locale class in     common/locid.cpp in International Components for     Unicode (ICU) through 57.1 for C/C++ allows remote     attackers to cause a denial of service (application     crash) or possibly have unspecified other impact via a     long locale string.(CVE-2016-7415)

  - The uloc_acceptLanguageFromHTTP function in     common/uloc.cpp in International Components for Unicode     (ICU) through 57.1 for C/C++ does not ensure that there     is a '\0' character at the end of a certain temporary     array, which allows remote attackers to cause a denial     of service (out-of-bounds read) or possibly have     unspecified other impact via a call with a long     httpAcceptLanguage argument.(CVE-2016-6293)

  - The Regular Expressions package in International     Components for Unicode (ICU) for C/C++ before     2014-12-03, as used in Google Chrome before     40.0.2214.91, calculates certain values without     ensuring that they can be represented in a 24-bit     field, which allows remote attackers to cause a denial     of service (memory corruption) or possibly have     unspecified other impact via a crafted string, a     related issue to CVE-2014-7923.(CVE-2014-9654)

  - International Components for Unicode (ICU) for C/C++     before 2017-02-13 has an out-of-bounds write caused by     a heap-based buffer overflow related to the     utf8TextAccess function in common/utext.cpp and the     utext_moveIndex32* function.(CVE-2017-7868)

  - A vulnerability was found in the International     Components for Unicode (ICU). Specially crafted invalid     utf-8 text, when parsed or manipulated using particular     functions in libicu, could cause out-of-bounds heap     reads and writes potentially leading to a crash, memory     disclosure, or possibly code execution.(CVE-2017-7867)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for icu fixes the following issue :

The previous patch for CVE-2014-9654 was incorrect and lead to non-working regular expressions. This update fixes this problem (bsc#952260)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

icu was updated to fix one security issue.

This security issue was fixed :

  - CVE-2014-9654: Insufficient size limit checks in regular     expression compiler (bsc#917129).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update fixes the following security issue in icu :

CVE-2014-9654: insufficient size limit checks in regular expression compiler (bsc#917129)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

icu was updated to fix one security issue.

This security issue was fixed :

  - CVE-2014-9654: Insufficient size limit checks in regular     expression compiler (bnc#917129).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several vulnerabilities were discovered in the International Components for Unicode (ICU) library :

CVE-2013-1569

Glyph table issue.

CVE-2013-2383

Glyph table issue.

CVE-2013-2384

Font layout issue.

CVE-2013-2419

Font processing issue.

CVE-2014-6585

Out-of-bounds read.

CVE-2014-6591

Additional out-of-bounds reads.

CVE-2014-7923

Memory corruption in regular expression comparison.

CVE-2014-7926

Memory corruption in regular expression comparison.

CVE-2014-7940

Uninitialized memory.

CVE-2014-9654

More regular expression flaws.

For Debian 6 'Squeeze', these issues have been fixed in icu version 4.4.1-8+squeeze3.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Security fix for CVE-2014-9654, CVE-2014-7923, CVE-2014-7926

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201503-06 (ICU: Multiple Vulnerabilities)

    Multiple vulnerabilities have been discovered in ICU. Please review the       CVE identifiers referenced below for details.
  Impact :

    A remote attacker can cause Denial of Service.
  Workaround :

    There is no known workaround at this time.

Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.

  - CVE-2013-1569     Glyph table issue.

  - CVE-2013-2383     Glyph table issue.

  - CVE-2013-2384     Font layout issue.

  - CVE-2013-2419     Font processing issue.

  - CVE-2014-6585     Out-of-bounds read.

  - CVE-2014-6591     Additional out-of-bounds reads.

  - CVE-2014-7923     Memory corruption in regular expression comparison.

  - CVE-2014-7926     Memory corruption in regular expression comparison.

  - CVE-2014-7940     Uninitialized memory.

  - CVE-2014-9654     More regular expression flaws.

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression.

We apologize for the inconvenience.

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419)

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-6585, CVE-2014-6591)

It was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)

It was discovered that ICU collator implementation incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7940).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated.

We apologize for the inconvenience.

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419)

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-6585, CVE-2014-6591)

It was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)

It was discovered that ICU collator implementation incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7940).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419)

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
(CVE-2014-6585, CVE-2014-6591)

It was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)

It was discovered that ICU collator implementation incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
(CVE-2014-7940).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
129126	EulerOS 2.0 SP5 : icu (EulerOS-SA-2019-1969)	Nessus	Huawei Local Security Checks	critical
90595	SUSE SLES11 Security Update : icu (SUSE-SU-2016:1090-1)	Nessus	SuSE Local Security Checks	high
86538	SUSE SLED11 / SLES11 Security Update : icu (SUSE-SU-2015:1790-1)	Nessus	SuSE Local Security Checks	high
86376	Fedora 22 : icu-54.1-4.fc22 (2015-16314)	Nessus	Fedora Local Security Checks	high
86111	Fedora 23 : icu-54.1-5.fc23 (2015-16315)	Nessus	Fedora Local Security Checks	high
84427	SUSE SLED11 / SLES11 Security Update : icu (SUSE-SU-2015:1144-1)	Nessus	SuSE Local Security Checks	high
83694	SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2015:0458-1)	Nessus	SuSE Local Security Checks	high
83476	Debian DLA-219-1 : icu security update	Nessus	Debian Local Security Checks	critical
83123	Fedora 21 : icu-52.1-6.fc21 (2015-6087)	Nessus	Fedora Local Security Checks	high
83122	Fedora 20 : icu-50.1.2-12.fc20 (2015-6084)	Nessus	Fedora Local Security Checks	high
82005	GLSA-201503-06 : ICU: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	high
81831	Debian DSA-3187-1 : icu - security update	Nessus	Debian Local Security Checks	critical
81754	Ubuntu 12.04 LTS : icu vulnerabilities (USN-2522-3)	Nessus	Ubuntu Local Security Checks	critical
81698	Ubuntu 12.04 LTS : icu regression (USN-2522-2)	Nessus	Ubuntu Local Security Checks	critical
81668	Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : icu vulnerabilities (USN-2522-1)	Nessus	Ubuntu Local Security Checks	critical

CVE-2014-9654

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins