Description
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
Published: 2025-05-27
Score: 7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack buffer overflow was discovered in the Internationl components for unicode (ICU) library, specifically within the SRBRoot::addTag function when processing the genrb binary. The overflow corrupts the stack, enabling a local attacker who can run or influence the genrb program to overwrite adjacent memory and trigger arbitrary code execution. The vulnerability falls under CWE‑120, a classic buffer overflow that compromises memory integrity and potentially the entire process. The impact is local arbitrary code execution, which could be used to elevate privileges or sabotage applications that rely on ICU for string processing.

Affected Systems

Red Hat systems are affected, including Red Hat Enterprise Linux releases 6, 7, 8, 9, and 10 and their associated extended support streams (9.0, 9.2, 9.4). The OpenShift Container Platform 4 is also impacted because it embeds the ICU library. All affected systems run various packages identified by the following CPEs: redhat:enterprise_linux:6, redhat:enterprise_linux:7, redhat:enterprise_linux:8, redhat:enterprise_linux:9, redhat:enterprise_linux:10, redhat:rhel_e4s:9.0, redhat:rhel_e4s:9.2, redhat:rhel_eus:9.4, and redhat:openshift:4.

Risk and Exploitability

The CVSS score of 7.0 indicates a medium severity vulnerability. The EPSS score of less than 1% suggests a low probability of exploitation at the time of analysis. The vulnerability is not listed in the CISA KEV catalog, meaning no publicly known exploits are currently tracked. The attack vector is inferred to be local, as the flaw manifests when an attacker can invoke the genrb binary; a successful exploit would require local code execution or the ability to supply crafted data to the tool. While no active exploits are reported, the potential for local arbitrary code execution poses a significant risk in environments where genrb is run unattended or with untrusted input.

Generated by OpenCVE AI on May 1, 2026 at 08:00 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

OpenCVE Recommended Actions

  • Apply the Red Hat errata updates RHSA-2025:11888, RHSA-2025:12083, RHSA-2025:12331–12333 that replace the ICU library with a version containing the stack‑overflow fix.
  • Restart all services that depend on ICU, or reboot the host, to ensure the updated library is loaded by the running processes.
  • If the update cannot be applied immediately, restrict or remove execution of the genrb binary from environments that process untrusted data, or limit its use to a privileged, tightly controlled account until the patch is in place.

Generated by OpenCVE AI on May 1, 2026 at 08:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4217-1 icu security update
Debian DSA Debian DSA DSA-5951-1 icu security update
EUVD EUVD EUVD-2025-16306 A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
History

Wed, 22 Apr 2026 23:30:00 +0000

Type Values Removed Values Added
References

Fri, 08 Aug 2025 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Unicode
Unicode international Components For Unicode
CPEs cpe:2.3:a:unicode:international_components_for_unicode:*:*:*:*:*:*:*:*
Vendors & Products Unicode
Unicode international Components For Unicode

Thu, 31 Jul 2025 05:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_e4s:9.0::appstream
cpe:/a:redhat:rhel_eus:9.4::appstream
cpe:/o:redhat:rhel_e4s:9.0::baseos
cpe:/o:redhat:rhel_eus:9.4::baseos
Vendors & Products Redhat rhel Eus
References

Thu, 31 Jul 2025 05:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
CPEs cpe:/a:redhat:rhel_e4s:9.2::appstream
cpe:/o:redhat:rhel_e4s:9.2::baseos
Vendors & Products Redhat rhel E4s
References

Tue, 29 Jul 2025 12:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9 cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/o:redhat:enterprise_linux:9::baseos
References

Mon, 28 Jul 2025 12:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:10.0
References

Sun, 15 Jun 2025 23:45:00 +0000

Type Values Removed Values Added
References

Wed, 28 May 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 27 May 2025 21:00:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE. A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
Title icu: Stack buffer overflow in the SRBRoot::addTag function Icu: stack buffer overflow in the srbroot::addtag function
First Time appeared Redhat
Redhat enterprise Linux
Redhat openshift
CPEs cpe:/a:redhat:openshift:4
cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
Redhat openshift
References

Tue, 27 May 2025 06:30:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE.
Title icu: Stack buffer overflow in the SRBRoot::addTag function
Weaknesses CWE-120
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Subscriptions

Redhat Enterprise Linux Openshift Rhel E4s Rhel Eus
Unicode International Components For Unicode
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-22T23:24:28.025Z

Reserved: 2025-05-26T14:41:58.427Z

Link: CVE-2025-5222

cve-icon Vulnrichment

Updated: 2025-06-15T23:02:56.243Z

cve-icon NVD

Status : Modified

Published: 2025-05-27T21:15:23.030

Modified: 2026-04-23T00:16:44.093

Link: CVE-2025-5222

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-11-14T00:00:00Z

Links: CVE-2025-5222 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-01T08:15:12Z

Weaknesses