PT-2019-6190 · Icu+3 · International Components For Unicode+3

Rongxin Wu

Publicado

2019-10-03

Atualizado

2025-06-24

CVE-2020-21913

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions International Components for Unicode (ICU) version 66.1

Description The issue is related to a use after free bug in the pkg createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. This bug can be exploited by a remote attacker to cause a denial of service.

Recommendations For International Components for Unicode (ICU) version 66.1, update to a version that fixes the use after free bug in the pkg createWithAssemblyCode function. As a temporary workaround, consider restricting access to the pkg createWithAssemblyCode function to minimize the risk of exploitation.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BDU:2022-01754

CVE-2020-21913

DLA-2784-1

DSA-5014-1

OESA-2021-1406

OPENSUSE-SU-2022_3141-1

OPENSUSE-SU-2023_3563-1

OPENSUSE-SU-2024:13127-1

SUSE-SU-2022:3140-1

SUSE-SU-2022:3141-1

SUSE-SU-2022:3142-1

SUSE-SU-2022_3140-1

SUSE-SU-2022_3141-1

SUSE-SU-2022_3142-1

SUSE-SU-2023:3563-1

SUSE-SU-2023:3563-2

SUSE-SU-2023:3563-3

SUSE-SU-2025:02079-1

SUSE-SU-2025_02079-1

USN-5133-1

Produtos afetados

Astra Linux

International Components For Unicode

Suse

Ubuntu

PT-2019-6190 · Icu+3 · International Components For Unicode+3

CVE-2020-21913

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 67