Candidate: CVE-2021-42574
PublicDate: 2021-11-01 04:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42574
 https://www.openwall.com/lists/oss-security/2021/11/01/1
 https://github.com/rust-lang/rust/commit/dd61274930ec0cd17711fab52d2bc9ad3e9053de (1.56.1)
 https://trojansource.codes
 http://www.unicode.org/versions/Unicode14.0.0/
Description:
 An issue was discovered in the Bidirectional Algorithm in the Unicode
 Specification through 14.0. It permits the visual reordering of characters
 via control sequences, which can be used to craft source code that renders
 different logic than the logical ordering of tokens ingested by compilers
 and interpreters. Adversaries can leverage this to encode source code for
 compilers accepting Unicode such that targeted vulnerabilities are
 introduced invisibly to human reviewers.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H [8.3 HIGH]


Patches_rustc:
upstream_rustc: needs-triage
trusty/esm_rustc: needs-triage
trusty_rustc: ignored (out of standard support)
xenial_rustc: ignored (out of standard support)
bionic_rustc: needs-triage
focal_rustc: needs-triage
hirsute_rustc: ignored (reached end-of-life)
impish_rustc: needs-triage
jammy_rustc: needs-triage
devel_rustc: needs-triage