CVE-2025-5222
CVE Details
Visit the official vulnerability details page for CVE-2025-5222 to learn more.
Initial Publication
07/31/2025
Last Update
09/18/2025
Third Party Dependency
icu-data-en
NIST CVE Summary
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
CVE Severity
Our Official Summary
A stack buffer overflow in the genrb utility occurs within the SRBRoot::addTag function when handling oversized subtag structs, potentially leading to memory corruption or arbitrary code execution.
The images where this vulnrability is have controls in place are not accessible outside the cluster. So the attacker needs to gain privileged access to the cluster to attempt this exploit. Also the containers do not allow execution of arbitrary code. Impact of this exploit is also low, since container reduces the attack surface.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.7.20 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
| 4.6.41 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 07/31/2025 | Status changed from Open to Ongoing |
| 07/31/2025 | Official summary added |