Red Hat Bugzilla – Bug 918167
CVE-2013-0900 icu: Race condition leading to a use-after-free
Last modified: 2016-03-04 07:25:46 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-0900 to the following vulnerability:
Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
 https://code.google.com/p/chromium/issues/detail?id=152442 (private)
Created icu tracking bugs for this issue
Affects: fedora-all [bug 918168]
Analyzing the issue, the maximum impact seems to be DoS, it is not exploitable.
This issue affects the version of icu as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw.
icu-22.214.171.124-5.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
icu-49.1.1-8.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.