Bug 1014886 (CVE-2013-2924) - CVE-2013-2924 icu: use-after-free flaw leads to denial of service
Summary: CVE-2013-2924 icu: use-after-free flaw leads to denial of service
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2013-2924
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1015593 1015594 1015595
Blocks: 1014887
TreeView+ depends on / blocked
 
Reported: 2013-10-03 03:35 UTC by Vincent Danen
Modified: 2021-06-16 15:03 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-06-16 15:03:55 UTC
Embargoed:


Attachments (Terms of Use)

Description Vincent Danen 2013-10-03 03:35:59 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-2924 to
the following vulnerability:

Name: CVE-2013-2924
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924
Assigned: 20130411
Reference: http://bugs.icu-project.org/trac/ticket/10318
Reference: http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html
Reference: https://code.google.com/p/chromium/issues/detail?id=275803
Reference: https://src.chromium.org/viewvc/chrome?revision=219151&view=revision

Use-after-free vulnerability in International Components for Unicode
(ICU), as used in Google Chrome before 30.0.1599.66 and other
products, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via unknown vectors.

Comment 2 Vincent Danen 2013-10-04 14:54:03 UTC
Created mingw-icu tracking bugs for this issue:

Affects: fedora-all [bug 1015595]

Comment 3 Vincent Danen 2013-10-04 14:54:09 UTC
Created icu tracking bugs for this issue:

Affects: fedora-all [bug 1015594]

Comment 4 Eike Rathke 2013-10-04 19:31:11 UTC
https://ssl.icu-project.org/trac/ticket/10318 results in
Error: Forbidden
TICKET_VIEW privileges are required to perform this operation on Ticket #10318

There is one commit assigned to that ticket, https://ssl.icu-project.org/trac/review/10318

I assume that is the only change required and it is applicable to ICU 50.

Comment 5 Vincent Danen 2013-10-04 22:09:14 UTC
Can't answer that one, as I don't have access to the ticket either, so I'm not sure whether that assumption is correct or not.

Comment 6 Huzaifa S. Sidhpurwala 2013-10-07 06:19:40 UTC
(In reply to Eike Rathke from comment #4)
> https://ssl.icu-project.org/trac/ticket/10318 results in
> Error: Forbidden
> TICKET_VIEW privileges are required to perform this operation on Ticket
> #10318
> 
> There is one commit assigned to that ticket,
> https://ssl.icu-project.org/trac/review/10318
> 
> I assume that is the only change required and it is applicable to ICU 50.

The following patch was applied to chromium to fix the issue:
https://src.chromium.org/viewvc/chrome/trunk/deps/third_party/icu46/source/i18n/csrucode.cpp?r1=219032&r2=219031&pathrev=219032

This corresponds to the following chromium security bug: (which is the same as the one linked in the CVE details in the description of this bug)
https://code.google.com/p/chromium/issues/detail?id=275803

Comparing the chromium patch with upstream patch (https://ssl.icu-project.org/trac/changeset/34076), i can conclude with significant confidence that the patch mentioned in comment #4 is the actual upstream patch.

Upstream patch: https://ssl.icu-project.org/trac/changeset/34076

Comment 7 Huzaifa S. Sidhpurwala 2013-10-07 06:26:14 UTC
This issue affects the version of icu shipped with Red Hat Enterprise Linux 5 and 6.

Comment 8 Huzaifa S. Sidhpurwala 2013-10-07 06:32:15 UTC
Statement:

This issue affects the version of icu as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw.

Comment 10 Fedora Update System 2013-10-12 04:23:42 UTC
icu-50.1.2-10.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2013-10-26 00:56:52 UTC
icu-49.1.1-12.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2013-10-26 00:59:15 UTC
icu-50.1.2-9.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 13 Product Security DevOps Team 2021-06-16 15:03:55 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2013-2924


Note You need to log in before you can comment on or make changes to this bug.