CVE-2020-10531: Buffer Overflow
First published: Wed Feb 26 2020(Updated: )
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/chromium-browser | <80.0.3987.122 | 80.0.3987.122 |
| redhat/node | <14.3.0 | 14.3.0 |
| redhat/node | <12.17.0 | 12.17.0 |
| redhat/node | <10.21.0 | 10.21.0 |
| ubuntu/chromium-browser | <80.0.3987.149-0ubuntu0.18.04.1 | 80.0.3987.149-0ubuntu0.18.04.1 |
| ubuntu/chromium-browser | <80.0.3987.122 | 80.0.3987.122 |
| ubuntu/chromium-browser | <80.0.3987.149-0ubuntu0.16.04.1 | 80.0.3987.149-0ubuntu0.16.04.1 |
| ubuntu/icu | <60.2-3ubuntu3.1 | 60.2-3ubuntu3.1 |
| ubuntu/icu | <63.2-2ubuntu0.1 | 63.2-2ubuntu0.1 |
| ubuntu/icu | <52.1-3ubuntu0.8+ | 52.1-3ubuntu0.8+ |
| ubuntu/icu | <55.1-7ubuntu0.5 | 55.1-7ubuntu0.5 |
| <=66.1 | ||
| =6.0 | ||
| =6.0 | ||
| =6.0 | ||
| <80.0.3987.122 | ||
| =30 | ||
| =31 | ||
| =33 | ||
| =8.0 | ||
| =9.0 | ||
| =10.0 | ||
| =12.04 | ||
| =14.04 | ||
| =16.04 | ||
| =18.04 | ||
| =19.10 | ||
| =15.1 | ||
| =14.3.0 | ||
| =14.4.0 | ||
| >=10.0.0<=10.12.0 | ||
| >=10.13.0<10.21.0 | ||
| Icu-project International Components For Unicode | <=66.1 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Google Chrome | <80.0.3987.122 | |
| Fedoraproject Fedora | =30 | |
| Fedoraproject Fedora | =31 | |
| Fedoraproject Fedora | =33 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =19.10 | |
| openSUSE Leap | =15.1 | |
| Oracle Banking Extensibility Workbench | =14.3.0 | |
| Oracle Banking Extensibility Workbench | =14.4.0 | |
| Nodejs Node.js | >=10.0.0<=10.12.0 | |
| Nodejs Node.js | >=10.13.0<10.21.0 | |
| debian/icu | <=57.1-6+deb9u3<=52.1-8+deb8u7<=66.1-1<=63.1-6<=57.1-1<=63.2-2<=57.1-6 | 66.1-2 63.2-3 63.1-6+deb10u1 57.1-6+deb9u4 |
| IBM Data Risk Manager | <=2.0.6 | |
| debian/icu | 63.1-6+deb10u3 63.1-6+deb10u2 67.1-7 72.1-3 72.1-4 |
Remedy
https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/unicode-org/icu/pull/971
- https://security-tracker.debian.org/tracker/CVE-2020-10531
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531
- https://bugs.chromium.org/p/chromium/issues/detail?id=1044570
- https://unicode-org.atlassian.net/browse/ICU-20958
- https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747
- https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
- https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08
- https://access.redhat.com/errata/RHSA-2020:0738
- https://security.gentoo.org/glsa/202003-15
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/
- https://lists.debian.org/debian-lts-announce/2020/03/msg00024.html
- https://www.debian.org/security/2020/dsa-4646
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/
- https://usn.ubuntu.com/4305-1/
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://launchpad.net/bugs/cve/CVE-2020-10531
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1807359
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1807358
- https://sourceforge.net/p/icu/mailman/icu-announce/thread/CAN49p6qisNX4gKpFpdECYTohTXQZ87RGYy%2Bzm_Ej9BMUP2GA8Q%40mail.gmail.com/#msg36945841
- https://access.redhat.com/errata/RHSA-2020:0896
- https://access.redhat.com/errata/RHSA-2020:0897
- https://access.redhat.com/errata/RHSA-2020:0901
- https://access.redhat.com/errata/RHSA-2020:0902
- https://access.redhat.com/errata/RHSA-2020:1293
- https://access.redhat.com/errata/RHSA-2020:1317
- https://access.redhat.com/errata/RHSA-2020:1343
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1846887
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1846888
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1846889
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1846890
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1846891
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1846892
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1846895
- https://access.redhat.com/errata/RHSA-2020:2895
- https://access.redhat.com/errata/RHSA-2020:3084
- https://bugzilla.redhat.com/show_bug.cgi?id=1807349
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/177660
- https://www.ibm.com/support/pages/node/6335281 (Advisory)
- https://ubuntu.com/security/notices/USN-4305-1
- https://www.cve.org/CVERecord?id=CVE-2020-10531
- https://nvd.nist.gov/vuln/detail/CVE-2020-10531
- https://ubuntu.com/security/CVE-2020-10531
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-10531.
What is the severity of CVE-2020-10531?
The severity of CVE-2020-10531 is critical with a CVSS score of 9.8.
Which software or products are affected by CVE-2020-10531?
The affected software/products include International Components for Unicode (ICU) for C/C++, Chromium browser, Node.js, IBM Data Risk Manager, Google Chrome, Redhat Enterprise Linux, Debian Linux, Ubuntu Linux, Fedora, openSUSE Leap, and Oracle Banking Extensibility Workbench.
How can an attacker exploit CVE-2020-10531?
An attacker can exploit CVE-2020-10531 by sending a specially-crafted request to trigger a heap-based buffer overflow in the affected software, leading to arbitrary code execution.
Is there a fix available for CVE-2020-10531?
Yes, there are patches and updates available for the affected software/packages. Please refer to the vendor's official website or security advisories for the appropriate remediation steps.
- collector/debian-bugs
- alias/CVE-2020-10531
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- source/NVD
- agent/description
- collector/ibm-support
- source/IBM
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/usn-cve
- source/Ubuntu
- package-manager/debian
- vendor/icu-project
- canonical/icu-project international components for unicode
- version/icu-project international components for unicode/66.1
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- vendor/google
- canonical/google chrome
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/30
- version/fedoraproject fedora/31
- version/fedoraproject fedora/33
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/19.10
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.1
- vendor/oracle
- canonical/oracle banking extensibility workbench
- version/oracle banking extensibility workbench/14.3.0
- version/oracle banking extensibility workbench/14.4.0
- vendor/nodejs
- canonical/nodejs node.js
- version/nodejs node.js/10.0.0
- version/nodejs node.js/10.12.0
- version/nodejs node.js/10.13.0
- package-manager/redhat
- vendor/ibm
- canonical/ibm data risk manager
- version/ibm data risk manager/2.0.6
- package-manager/ubuntu