- Vulnerability/
- USN-3610-1
USN-3610-1: ICU vulnerability
First published: Wed Mar 28 2018(Updated: )
It was discovered that ICU incorrectly handled certain calendars. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash, leading to a denial of service.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libicu57 | <57.1-6ubuntu0.3 | 57.1-6ubuntu0.3 |
| Ubuntu Ubuntu | =17.10 | |
| All of | ||
| ubuntu/libicu55 | <55.1-7ubuntu0.4 | 55.1-7ubuntu0.4 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/libicu52 | <52.1-3ubuntu0.8 | 52.1-3ubuntu0.8 |
| Ubuntu Ubuntu | =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this ICU vulnerability?
The vulnerability ID for this ICU vulnerability is USN-3610-1.
What is the severity of the ICU vulnerability?
The severity of the ICU vulnerability is not mentioned in the provided information.
How does the ICU vulnerability impact applications?
The ICU vulnerability can cause a denial of service if an application using ICU processes crafted data.
Which versions of Ubuntu are affected by the ICU vulnerability?
The versions of Ubuntu affected by the ICU vulnerability are 17.10, 16.04, and 14.04.
How can the ICU vulnerability be fixed?
The ICU vulnerability can be fixed by updating the libicuXX package to the recommended version mentioned in the provided information.
- collector/usn
- agent/title
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/17.10
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04