Wind River Support Network

HomeDefectsLIN7-8082
Fixed

LIN7-8082 : Security Advisory - icu - CVE-2014-9654

Created: Apr 26, 2017    Updated: Sep 8, 2018
Resolved Date: Jun 15, 2017
Found In Version: 7.0.0.24
Fix Version: 7.0.0.26
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.

https://nvd.nist.gov/vuln/detail/CVE-2014-9654

Other Downloads


CVEs


Live chat
Online