SUSE-SU-2017:0256-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-9911

Published: 23 Jan 2017, 11:29

Last modified:04 Feb 2026, 02:41

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

23 Jan 2017, 11:29

Published

Vulnerability first disclosed

04 Feb 2026, 02:41

Last Modified

Vulnerability information updated

Description

Security update for icu This update for icu fixes the following security issues: - Passing a locale string longer than 255 characters to uloc_getDisplayName() could have caused a buffer overflow resulting in denial of service or possible code execution (bsc#1012224, CVE-2014-9911).

Affected Systems

suse•icu&distro=SUSE Linux Enterprise Server 11 SP4
< 4.0-43.1
suse•icu&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
< 4.0-43.1
suse•icu&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
< 4.0-43.1

References (3)

https://www.suse.com/support/update/announcement/2017/suse-su-20170256-1/
https://bugzilla.suse.com/1012224
https://www.suse.com/security/cve/CVE-2014-9911