CVE-2025-5222: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
AI Analysis
Technical Summary
A stack buffer overflow exists in the ICU library's SRBRoot::addTag function, causing the 'subtag' struct to overflow during execution of the genrb binary. This vulnerability can result in memory corruption and local arbitrary code execution. Red Hat Enterprise Linux 9 and 10 versions are affected on various architectures including x86_64, s390x, ppc64le, and aarch64. Red Hat has released updated icu packages as security fixes, detailed in advisories RHSA-2025:11888 and RHSA-2025:12083. The advisories provide instructions for applying these updates. The vulnerability has a CVSS 3.1 base score of 7.0 with vector AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local attack vector with high impact on confidentiality, integrity, and availability. No exploits in the wild are currently known.
Potential Impact
Successful exploitation of this vulnerability may lead to memory corruption and local arbitrary code execution on affected Red Hat Enterprise Linux systems. The CVSS score of 7.0 reflects a high severity with potential for significant impact on confidentiality, integrity, and availability. However, Red Hat rates the security impact as Moderate. There are no known active exploits in the wild at this time.
Mitigation Recommendations
Red Hat has released official security updates for the icu package that address this vulnerability for Red Hat Enterprise Linux versions 9 and 10. Users should apply these updates promptly following Red Hat's guidance at https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires manual patching of affected systems. No additional mitigation steps are indicated by the vendor advisory.
CVE-2025-5222: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Description
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
A stack buffer overflow exists in the ICU library's SRBRoot::addTag function, causing the 'subtag' struct to overflow during execution of the genrb binary. This vulnerability can result in memory corruption and local arbitrary code execution. Red Hat Enterprise Linux 9 and 10 versions are affected on various architectures including x86_64, s390x, ppc64le, and aarch64. Red Hat has released updated icu packages as security fixes, detailed in advisories RHSA-2025:11888 and RHSA-2025:12083. The advisories provide instructions for applying these updates. The vulnerability has a CVSS 3.1 base score of 7.0 with vector AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local attack vector with high impact on confidentiality, integrity, and availability. No exploits in the wild are currently known.
Potential Impact
Successful exploitation of this vulnerability may lead to memory corruption and local arbitrary code execution on affected Red Hat Enterprise Linux systems. The CVSS score of 7.0 reflects a high severity with potential for significant impact on confidentiality, integrity, and availability. However, Red Hat rates the security impact as Moderate. There are no known active exploits in the wild at this time.
Mitigation Recommendations
Red Hat has released official security updates for the icu package that address this vulnerability for Red Hat Enterprise Linux versions 9 and 10. Users should apply these updates promptly following Red Hat's guidance at https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires manual patching of affected systems. No additional mitigation steps are indicated by the vendor advisory.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- redhat
- Date Reserved
- 2025-05-26T14:41:58.427Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2025:11888","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2025:12083","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2025:12331","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2025:12332","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2025:12333","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2025-5222","vendor":"Red Hat"}]
Threat ID: 68362775182aa0cae2250911
Added to database: 5/27/2025, 8:58:29 PM
Last enriched: 4/24/2026, 3:41:45 PM
Last updated: 5/10/2026, 8:32:21 AM
Views: 230
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.