[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2023-2023-030 --- gcc

ID: oval:org.secpod.oval:def:19500096Date: (C)2023-06-12   (M)2024-06-13
Class: PATCHFamily: unix




A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceive a human reviewer by creating a malicious patch containing well placed BiDi characters. The special handling and rendering of those characters can be then used in an attempt to hide unexpected and potentially dangerous behaviour from the reviewer

Platform:
Amazon Linux 2023
Product:
gcc
libasan
libtsan
libgcc
libitm
cpp
libgfortran
libstdc++
liblsan
libatomic
libgomp
libubsan
libquadmath
Reference:
ALAS2023-2023-030
CVE-2021-42574
CVE    1
CVE-2021-42574
CPE    3
cpe:/a:gnu:cpp
cpe:/a:gnu:gcc
cpe:/a:gnu:libatomic

© SecPod Technologies