Lintian tag: unicode-trojan
Type: pedantic
Description (from lintian-explain-tags)
The named text file contains a Unicode codepoint that has been identified
as a potential security risk.
There are two distinct attack vectors. One is homoglyphs in which text
looks confusingly similar to what a reader might expects, but is actually
different. The second is birectional attacks, in which the rendered text
hides potentially malicious characters.
Here are the relevant codepoints:
- ARABIC LETTER MARK (U+061C)
- LEFT-TO-RIGHT MARK (U+200E)
- RIGHT-TO-LEFT MARK (U+200F)
- LEFT-TO-RIGHT EMBEDDING (U+202A)
- RIGHT-TO-LEFT EMBEDDING (U+202B)
- POP DIRECTIONAL FORMATTING (U+202C)
- LEFT-TO-RIGHT OVERRIDE (U+202D)
- RIGHT-TO-LEFT OVERRIDE (U+202E)
- LEFT-TO-RIGHT ISOLATE (U+2066)
- RIGHT-TO-LEFT ISOLATE (U+2067)
- FIRST STRONG ISOLATE (U+2068)
- POP DIRECTIONAL ISOLATE (U+2069)
You can also run a similar check in your shell with that command:
grep -r $'[\u061C\u200E\u200F\u202A\u202B\u202C\u202D\u202E\u2066\u2067\u2068\u2069]'
The registered vulnerabilities are CVE-2021-42694 ("Homoglyph") and
CVE-2021-42574 ("Bidirectional Attack").
Please refer to https://nvd.nist.gov/vuln/detail/CVE-2021-42694,
https://nvd.nist.gov/vuln/detail/CVE-2021-42574,
https://www.trojansource.codes,
https://www.trojansource.codes/trojan-source.pdf,
https://en.wikipedia.org/wiki/Bidirectional_text,
https://www.ida.org/research-and-publications/publications/all/i/in/initial-analysis-of-underhanded-source-code,
and
https://www.ida.org/-/media/feature/publications/i/in/initial-analysis-of-underhanded-source-code/d-13166.ashx
for details.
Visibility: pedantic
Show-Always: no
Check: files/unicode/trojan
This tag is experimental.
Affected packages
| source | version | binary | level | tag | count | information |
|---|---|---|---|---|---|---|
| bandit | 1.7.10-2 | experimental | unicode-trojan | 1 | Contents U+2069 "POP DIRECTIONAL ISOLATE" [examples/trojansource.py:4] | |
| bandit | 1.7.10-2 | experimental | unicode-trojan | 1 | Contents U+2066 "LEFT-TO-RIGHT ISOLATE" [examples/trojansource.py:4] | |
| bandit | 1.7.10-2 | experimental | unicode-trojan | 1 | Contents U+202E "RIGHT-TO-LEFT OVERRIDE" [examples/trojansource.py:4] | |
| firefox | 136.0.2-1 | experimental | unicode-trojan | 1 | Contents U+2067 "RIGHT-TO-LEFT ISOLATE" [tools/lint/test/files/trojan-source/early-return.py:5] | |
| firefox-esr | 128.8.0esr-1 | experimental | unicode-trojan | 1 | Contents U+2067 "RIGHT-TO-LEFT ISOLATE" [tools/lint/test/files/trojan-source/early-return.py:5] | |
| funcoeszz | 21.1-1 | funcoeszz/21.1-1 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [usr/bin/funcoeszz:3925] |
| funcoeszz | 21.1-1 | funcoeszz/21.1-1 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [usr/bin/funcoeszz:19615] |
| funcoeszz | 21.1-1 | funcoeszz/21.1-1 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [usr/bin/funcoeszz:3926] |
| funcoeszz | 21.1-1 | funcoeszz/21.1-1 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [usr/bin/funcoeszz:19616] |
| funcoeszz | 21.1-1 | funcoeszz/21.1-1 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [usr/bin/funcoeszz:20002] |
| funcoeszz | 21.1-1 | funcoeszz/21.1-1 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [usr/bin/funcoeszz:20001] |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2068 "FIRST STRONG ISOLATE" [gettext-tools/tests/msgconv-8:20] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2068 "FIRST STRONG ISOLATE" [gettext-tools/tests/msgcat-22:16] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2068 "FIRST STRONG ISOLATE" [gettext-tools/tests/msgcat-22:20] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2069 "POP DIRECTIONAL ISOLATE" [gettext-tools/tests/msgconv-8:20] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2069 "POP DIRECTIONAL ISOLATE" [gettext-tools/tests/msgcat-22:20] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2068 "FIRST STRONG ISOLATE" [gettext-tools/tests/msgconv-8:16] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2069 "POP DIRECTIONAL ISOLATE" [gettext-tools/tests/msgconv-8:16] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2069 "POP DIRECTIONAL ISOLATE" [gettext-tools/tests/xgettext-17:50] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2068 "FIRST STRONG ISOLATE" [gettext-tools/tests/xgettext-17:46] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2068 "FIRST STRONG ISOLATE" [gettext-tools/tests/xgettext-17:50] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2069 "POP DIRECTIONAL ISOLATE" [gettext-tools/tests/msgcat-22:16] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+2069 "POP DIRECTIONAL ISOLATE" [gettext-tools/tests/xgettext-17:46] | |
| gettext | 0.23.1-1 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [gettext-tools/tests/xgettext-tcl-4:42] | |
| konwert | 1.8-15 | konwert-filters/1.8-15 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [usr/share/konwert/filters/htmlent-UTF8:539] |
| konwert | 1.8-15 | konwert-filters/1.8-15 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [usr/share/konwert/filters/mnemonic-UTF8:1097] |
| konwert | 1.8-15 | konwert-filters/1.8-15 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [usr/share/konwert/filters/mnemonic1-UTF8:1097] |
| konwert | 1.8-15 | konwert-filters/1.8-15 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [usr/share/konwert/filters/mnemonic-UTF8:1096] |
| konwert | 1.8-15 | konwert-filters/1.8-15 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [usr/share/konwert/filters/htmlent-UTF8:540] |
| konwert | 1.8-15 | konwert-filters/1.8-15 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [usr/share/konwert/filters/mnemonic1-UTF8:1096] |
| konwert | 1.8-15 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [filters/mnemonic1-UTF8:1096] | |
| konwert | 1.8-15 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [filters/htmlent-UTF8:539] | |
| konwert | 1.8-15 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [filters/htmlent-UTF8:540] | |
| konwert | 1.8-15 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [filters/mnemonic1-UTF8:1097] | |
| konwert | 1.8-15 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [filters/mnemonic-UTF8:1096] | |
| konwert | 1.8-15 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [filters/mnemonic-UTF8:1097] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:85] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:96] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:94] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:84] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:60] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:44] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:95] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:86] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:61] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:45] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:43] | |
| orca | 48.0-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [test-historical/keystrokes/gnome-clocks/stop_watch_flat_review.py:59] | |
| qelectrotech | 1:0.9-3 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [misc/translations_stat.pl:151] | |
| rust-stfu8 | 0.2.6-2 | librust-stfu8-dev/0.2.6-2+b1 | experimental | unicode-trojan | 9 | Contents U+200E "LEFT-TO-RIGHT MARK" [usr/share/cargo/registry/stfu8-0.2.6/tests/sanity.rs:99] |
| rust-stfu8 | 0.2.6-2 | librust-stfu8-dev/0.2.6-2+b1 | experimental | unicode-trojan | 9 | Contents U+200F "RIGHT-TO-LEFT MARK" [usr/share/cargo/registry/stfu8-0.2.6/tests/sanity.rs:99] |
| rust-stfu8 | 0.2.6-2 | experimental | unicode-trojan | 1 | Contents U+200E "LEFT-TO-RIGHT MARK" [tests/sanity.rs:99] | |
| rust-stfu8 | 0.2.6-2 | experimental | unicode-trojan | 1 | Contents U+200F "RIGHT-TO-LEFT MARK" [tests/sanity.rs:99] | |
| tarantool | 2.6.0-1.4 | experimental | unicode-trojan | 1 | Contents U+202B "RIGHT-TO-LEFT EMBEDDING" [test/sql-tap/collation_unicode.test.lua:325] | |
| tarantool | 2.6.0-1.4 | experimental | unicode-trojan | 1 | Contents U+202C "POP DIRECTIONAL FORMATTING" [test/sql-tap/collation_unicode.test.lua:330] | |
| thrift | 0.19.0-4 | experimental | unicode-trojan | 1 | Contents U+202C "POP DIRECTIONAL FORMATTING" [test/rb/integration/TestClient.rb:144] | |
| thrift | 0.19.0-4 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/py/TestClient.py:99] | |
| thrift | 0.19.0-4 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/py/TestClient.py:100] | |
| thrift | 0.19.0-4 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/rb/integration/TestClient.rb:143] | |
| thrift | 0.19.0-4 | experimental | unicode-trojan | 1 | Contents U+202C "POP DIRECTIONAL FORMATTING" [test/py/TestClient.py:100] | |
| thrift | 0.19.0-4 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/rb/integration/TestClient.rb:144] | |
| thrift | 0.20.0-1 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/rb/integration/TestClient.rb:144] | |
| thrift | 0.20.0-1 | experimental | unicode-trojan | 1 | Contents U+202C "POP DIRECTIONAL FORMATTING" [test/py/TestClient.py:100] | |
| thrift | 0.20.0-1 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/rb/integration/TestClient.rb:143] | |
| thrift | 0.20.0-1 | experimental | unicode-trojan | 1 | Contents U+202C "POP DIRECTIONAL FORMATTING" [test/rb/integration/TestClient.rb:144] | |
| thrift | 0.20.0-1 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/py/TestClient.py:100] | |
| thrift | 0.20.0-1 | experimental | unicode-trojan | 1 | Contents U+202A "LEFT-TO-RIGHT EMBEDDING" [test/py/TestClient.py:99] | |
| thunderbird | 1:128.8.0esr-1 | experimental | unicode-trojan | 1 | Contents U+2067 "RIGHT-TO-LEFT ISOLATE" [tools/lint/test/files/trojan-source/early-return.py:5] | |
| thunderbird | 1:136.0-1 | experimental | unicode-trojan | 1 | Contents U+2067 "RIGHT-TO-LEFT ISOLATE" [tools/lint/test/files/trojan-source/early-return.py:5] |
Showing 1 to 69 of 69 entries