漏洞平台

POC详情： ecc63429c088dbf0fa4fd054dd2d4615e0f4b83f

来源

https://github.com/berkley4/icu-74-debian

关联漏洞

标题： International Components for Unicode 安全漏洞 (CVE-2025-5222)
描述：International Components for Unicode（icu）是The Unicode Consortium开源的一套成熟且广泛使用的 C/C++ 和 Java 库，为软件应用程序提供 Unicode 和全球化支持。 International Components for Unicode 76.0.1版本存在安全漏洞，该漏洞源于genrb二进制中subtag结构溢出，可能导致内存损坏和本地任意代码执行。

描述

Debian build files for icu 74.2 with a patch to fix CVE-2025-5222

介绍

# icu-74-debian
Debian build files for icu 74.2 with a patch to fix CVE-2025-5222

You need to download and extract [icu_74.2.orig.tar.gz](https://snapshot.debian.org/archive/debian/20231215T150950Z/pool/main/i/icu/icu_74.2.orig.tar.gz) to set up your source tree.

Clone this repo somewhere with the following command :-

```
git clone https://github.com/berkley4/icu-74-debian
```

Copy the debian folder from the cloned repo to your icu source directory, eg :-

```
cp -a icu-74-debian/debian icu/
```

Change into the icu source tree and start building the icu deb files :-

```
cd icu

DEB_BUILD_MAINT_OPTIONS=abi=+time64 dpkg-buildpackage -b -uc
```

End users, eg those who have downloaded my ungoogled chromium debs, need to install :-

libicu74_74.2-1_amd64.deb


Builders need to install the following debs :-

libicu74_74.2-1_amd64.deb
libicu-dev_74.2-1_amd64.deb
icu-devtools_74.2-1_amd64.deb

文件快照


 [4.0K]  /data/pocs/ecc63429c088dbf0fa4fd054dd2d4615e0f4b83f
├── [4.0K]  debian
│   ├── [ 43K]  changelog
│   ├── [ 122]  clean
│   ├── [2.2K]  control
│   ├── [2.2K]  copyright
│   ├── [ 912]  fix_substvars.pl
│   ├── [ 198]  icu-devtools.install
│   ├── [ 358]  icu-doc.doc-base
│   ├── [  45]  icu-doc.install
│   ├── [ 150]  libicu74.install
│   ├── [ 345]  libicu74.lintian-overrides
│   ├── [ 210]  libicu74.shlibs
│   ├── [ 100]  libicu-dev.install
│   ├── [  75]  libicu-dev.lintian-overrides
│   ├── [4.0K]  patches
│   │   ├── [ 874]  broken_LICENSE.patch
│   │   ├── [7.3K]  ICU-22973.patch
│   │   ├── [ 641]  icudata-stdlibs.patch
│   │   └── [  59]  series
│   ├── [ 830]  README.source
│   ├── [2.5K]  rules
│   ├── [4.0K]  source
│   │   ├── [  12]  format
│   │   └── [ 110]  lintian-overrides
│   ├── [4.0K]  tests
│   │   ├── [ 214]  build-test
│   │   ├── [ 161]  control
│   │   ├── [ 176]  smoke
│   │   └── [ 24K]  ustring.cpp
│   ├── [4.0K]  upstream
│   │   └── [ 59K]  signing-key.asc
│   └── [ 283]  watch
└── [ 905]  README.md

5 directories, 28 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。