OSV-2024-9

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/icu/OSV-2024-9.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-9
Published
2024-01-11T00:04:20.734197Z
Modified
2024-04-16T15:44:42.424488Z
Summary
Stack-buffer-overflow in _canonicalize
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65635

Crash type: Stack-buffer-overflow READ {*}
Crash state:
_canonicalize
ulocimp_getBaseName_75
ures_openWithType
References

Affected packages

OSS-Fuzz / icu

Package

Name
icu
Purl
pkg:generic/icu

Affected ranges

Type
GIT
Repo
https://github.com/unicode-org/icu.git
Events
Introduced
cfba9a8caf6cb6ab39eb4ca5702c78f97989bcde
Fixed
87ca0234476c62f7d42ab43bb4f5e17ca329f5d0

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

fixed_range 
"3f054adaf3ca34d55338e56773088bd589600583:87ca0234476c62f7d42ab43bb4f5e17ca329f5d0"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/icu/OSV-2024-9.yaml"