CVE-2017-14952
published 2017-10-16CVE-2017-14952: Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a…
PriorityP355critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
5.10%
91.3th percentile
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | icu | < icu 57.1-7 (bookworm) | icu 57.1-7 (bookworm) |
| icu-project | international_components_for_unicode | <= 59.1 | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_redhat9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
ICU vulnerability
vendor_ubuntu·2017-10-23
CVE-2017-14952 ICU vulnerability
Title: ICU vulnerability
Summary: ICU could be made to crash or run arbitrary code as your login
if it received specially crafted input.
It was discovered that ICU incorrectly handled certain inputs. If an
application using ICU processed crafted data, a remote attacker could
possibly cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
ICU vulnerability
vendor_ubuntu·2017-10-23
CVE-2017-14952 ICU vulnerability
Title: ICU vulnerability
Summary: ICU could be made to crash or run arbitrary code as your login
if it received specially crafted input.
USN-3458-1 fixed a vulnerability in ICU. This update
provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that ICU incorrectly handled certain inputs. If an
application using ICU processed crafted data, a remote attacker could
possibly cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
icu: Double free in i18n/zonemeta.cpp
vendor_redhat·2017-08-09·CVSS 9.8
CVE-2017-14952 [CRITICAL] CWE-416 icu: Double free in i18n/zonemeta.cpp
icu: Double free in i18n/zonemeta.cpp
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Package: icu (Red Hat Enterprise Linux 5) - Not affected
Package: icu (Red Hat Enterprise Linux 6) - Will not fix
Package: icu (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2017-14952: icu - Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) f...
vendor_debian·2017·CVSS 9.8
CVE-2017-14952 [CRITICAL] CVE-2017-14952: icu - Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) f...
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
Scope: local
bookworm: resolved (fixed in 57.1-7)
bullseye: resolved (fixed in 57.1-7)
forky: resolved (fixed in 57.1-7)
sid: resolved (fixed in 57.1-7)
trixie: resolved (fixed in 57.1-7)
GHSA
GHSA-35gv-g55r-237w: Double free in i18n/zonemeta
ghsa_unreviewed·2022-05-14
CVE-2017-14952 [CRITICAL] CWE-415 GHSA-35gv-g55r-237w: Double free in i18n/zonemeta
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
OSV
CVE-2017-14952: Double free in i18n/zonemeta
osv·2017-10-16·CVSS 9.8
CVE-2017-14952 [CRITICAL] CVE-2017-14952: Double free in i18n/zonemeta
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
No detection rules found.
No public exploits indexed.
Bugzilla
Backport CVE-2017-15422 to ESR52
bugzilla·2018-03-29·CVSS 6.5
CVE-2017-15422 [MEDIUM] Backport CVE-2017-15422 to ESR52
Backport CVE-2017-15422 to ESR52
Today, I noticed that Ubuntu updated its copy of ICU 57 to include the fix for CVE-2017-15422. From what I can tell, this was an integer overflow bug which was fixed late last year:
https://ssl.icu-project.org/trac/changeset/40654
Fx59+ are already fixed via the ICU 60.1 update. However, ESR52 is using ICU 58.2 still and is vulnerable from what I can tell.
Discussion:
Might not be a bad idea to look for any other ICU security backports that might have landed since 58.2 was shipped too.
---
(In reply to Ryan VanderMeulen [:RyanVM] from comment #0)
> However, ESR52 is using ICU 58.2 still and is vulnerable from what I can tell.
Do we know any details about the severity of the vulnerability? For example can it be used for remote code execution etc. ?
Bugzilla
CVE-2017-14952 icu: Double free in i18n/zonemeta.cpp
bugzilla·2017-11-08·CVSS 9.8
CVE-2017-14952 [CRITICAL] CVE-2017-14952 icu: Double free in i18n/zonemeta.cpp
CVE-2017-14952 icu: Double free in i18n/zonemeta.cpp
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
Upstream patch:
http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp
External References:
http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/
Discussion:
Created icu tracking bugs for this issue:
Affects: fedora-all [bug 1510932]
Created mingw-icu tracking bugs for this issue:
Affects: epel-7 [bug 1510934]
Affects: fedora-all [bug 1510933]
---
Statement:
Red Hat Product Security has rated this issue as having Low se
Bugzilla
CVE-2017-14952 mingw-icu: icu: Double free in i18n/zonemeta.cpp [epel-7]
bugzilla·2017-11-08·CVSS 9.8
CVE-2017-14952 [CRITICAL] CVE-2017-14952 mingw-icu: icu: Double free in i18n/zonemeta.cpp [epel-7]
CVE-2017-14952 mingw-icu: icu: Double free in i18n/zonemeta.cpp [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the following template to for the 'fedpkg up
Bugzilla
CVE-2017-14952 mingw-icu: icu: Double free in i18n/zonemeta.cpp [fedora-all]
bugzilla·2017-11-08·CVSS 9.8
CVE-2017-14952 [CRITICAL] CVE-2017-14952 mingw-icu: icu: Double free in i18n/zonemeta.cpp [fedora-all]
CVE-2017-14952 mingw-icu: icu: Double free in i18n/zonemeta.cpp [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions
Bugzilla
CVE-2017-14952 icu: Double free in i18n/zonemeta.cpp [fedora-all]
bugzilla·2017-11-08·CVSS 9.8
CVE-2017-14952 [CRITICAL] CVE-2017-14952 icu: Double free in i18n/zonemeta.cpp [fedora-all]
CVE-2017-14952 icu: Double free in i18n/zonemeta.cpp [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora.
http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpphttp://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttp://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpphttp://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
2017-10-16
Published