CVE-2020-21913

CVE	CVE-2020-21913
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-09-20 14:15:00 UTC
Updated	2021-11-29 17:20:00 UTC
Description	International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.

Problem Types: CWE-416

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Application	Unicode	International Components For Unicode	All	All	All	All
Application	Unicode	International Components For Unicode	66.1	All	All	All

Reference	Source	Link	Tags
Debian -- Security Information -- DSA-5014-1 icu	DEBIAN	www.debian.org
[ICU-20850] A Use After Free Bug - Unicode Consortium	MISC	unicode-org.atlassian.net
ICU-20850 Use LocalMemory for cmd to prevent use-after-free issue by jefgen · Pull Request #886 · unicode-org/icu · GitHub	MISC	github.com
[SECURITY] [DLA 2784-1] icu security update	MLIST	lists.debian.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

178833 Debian Security Update for icu (DLA 2784-1)
178915 Debian Security Update for icu (DSA 5014-1)
198557 Ubuntu Security Notification for ICU Vulnerability (USN-5133-1)
355687 Amazon Linux Security Advisory for icu : ALAS2-2023-2171
355689 Amazon Linux Security Advisory for libicu60 : ALAS2-2023-2172
501963 Alpine Linux Security Update for icu
504009 Alpine Linux Security Update for icu
591406 Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem Multiple Vulnerabilities (SSB-439005, ICSA-22-104-13)
671150 EulerOS Security Update for icu (EulerOS-SA-2021-2804)
671186 EulerOS Security Update for icu (EulerOS-SA-2021-2932)
671204 EulerOS Security Update for icu (EulerOS-SA-2022-1029)
671212 EulerOS Security Update for icu (EulerOS-SA-2022-1009)
671237 EulerOS Security Update for icu (EulerOS-SA-2022-1168)
671308 EulerOS Security Update for icu (EulerOS-SA-2022-1226)
671325 EulerOS Security Update for icu (EulerOS-SA-2022-1207)
752559 SUSE Enterprise Linux Security Update for icu (SUSE-SU-2022:3140-1)
752564 SUSE Enterprise Linux Security Update for icu (SUSE-SU-2022:3142-1)
753166 SUSE Enterprise Linux Security Update for icu (SUSE-SU-2022:3141-1)
755134 SUSE Enterprise Linux Security Update for icu73_2 (SUSE-SU-2023:3563-2)
755187 SUSE Enterprise Linux Security Update for icu73_2 (SUSE-SU-2023:3563-3)