Navigation
Search
|
The "Trojan Source" vulnerability
Monday November 1, 2021. 03:22 PM , from LWN.net
The latest branded and trademarked vulnerability type is called 'Trojan Source'. By playing tricks
with Unicode bidirectional support, an attacker can create malicious code that appears to be benign to reviewers. 'The attack is to use control characters embedded in comments and strings to reorder source code characters in a way that changes its logic.' Various releases, including Rust 1.56.1, are being made to address this problem.
https://lwn.net/Articles/874546/rss
|
25 sources
Current Date
May, Fri 3 - 03:55 CEST
|