CVE-2025-5222

HIGH

International Components for Unicode < 77.1 - Buffer Overflow in genrb Binary

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-5222. PoCs published by berkley4.

AI-analyzed exploit summary This repository provides Debian build files and a patch for ICU 74.2 to address CVE-2025-5222. It includes a test file demonstrating Unicode string handling but does not contain an exploit. The focus is on building patched Debian packages.

Description

A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.

Exploits (1)

nomisec WRITEUP 1 stars

by berkley4 · poc

https://github.com/berkley4/icu-74-debian

View Code ZIP pw:eip

This repository provides Debian build files and a patch for ICU 74.2 to address CVE-2025-5222. It includes a test file demonstrating Unicode string handling but does not contain an exploit. The focus is on building patched Debian packages.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: ICU 74.2

No auth needed

Prerequisites: Debian build environment · ICU 74.2 source code

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (9)

Core 9

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:11888

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:12083

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:12331

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:12332

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:12333

Vendor Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2025-5222

Issue Tracking issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2368600

https://unicode-org.atlassian.net/jira/software/c/projects/ICU/issues/ICU-22957

Mailing List

https://lists.debian.org/debian-lts-announce/2025/06/msg00015.html

Scores

CVSS v3 7.0

EPSS 0.0030

EPSS Percentile 21.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (10)

Red Hat/Red Hat Enterprise Linux 10 0:74.2-5.el10_0

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8

Red Hat/Red Hat Enterprise Linux 9 0:67.1-10.el9_6

Red Hat/Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 0:67.1-10.el9_0

Red Hat/Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 0:67.1-10.el9_2

Red Hat/Red Hat Enterprise Linux 9.4 Extended Update Support 0:67.1-10.el9_4

Red Hat/Red Hat OpenShift Container Platform 4

unicode/international_components_for_unicode < 77.1

Published May 27, 2025

Tracked Since Feb 18, 2026