Issued:
2021-11-10
Updated:
2021-11-10

RHSA-2021:4591 - Security Advisory

Synopsis

Moderate: gcc-toolset-11-annobin security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gcc-toolset-11-annobin is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Annobin provides a compiler plugin to annotate and tools to examine compiled binary files.

Security Fix(es):

  • Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574)

The following changes were introduced in annobin in order to facilitate detection of BiDi Unicode characters:

This update of annobin adds a new annocheck test to detect the presence of multibyte characters in symbol names.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2005819 - CVE-2021-42574 Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

Red Hat Enterprise Linux for x86_64 8

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
x86_64
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.x86_64.rpm SHA-256: 79e88c8ca1b7c61cb68d845c2e126d149fc92c77d4c360251da204845f0e99cb
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 007d766a819c314bcba5773f98b5910ba64d1b7e8950cb49270ea5507ae811bf
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: dcc854979fe9079fdfcf1e4574d279c686dc4382465f4f2baef7b957fec0d443
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.x86_64.rpm SHA-256: 87958ac40d57e8b3fdb32e47961a08e00cd5cdb35f554fbc3876b3c7906abd10
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 1efc1ec1f76f5778c5a8267c8679fd4fa7125885d53b30129732a6d2ef568556

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
x86_64
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.x86_64.rpm SHA-256: 79e88c8ca1b7c61cb68d845c2e126d149fc92c77d4c360251da204845f0e99cb
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 007d766a819c314bcba5773f98b5910ba64d1b7e8950cb49270ea5507ae811bf
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: dcc854979fe9079fdfcf1e4574d279c686dc4382465f4f2baef7b957fec0d443
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.x86_64.rpm SHA-256: 87958ac40d57e8b3fdb32e47961a08e00cd5cdb35f554fbc3876b3c7906abd10
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 1efc1ec1f76f5778c5a8267c8679fd4fa7125885d53b30129732a6d2ef568556

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
x86_64
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.x86_64.rpm SHA-256: 79e88c8ca1b7c61cb68d845c2e126d149fc92c77d4c360251da204845f0e99cb
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 007d766a819c314bcba5773f98b5910ba64d1b7e8950cb49270ea5507ae811bf
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: dcc854979fe9079fdfcf1e4574d279c686dc4382465f4f2baef7b957fec0d443
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.x86_64.rpm SHA-256: 87958ac40d57e8b3fdb32e47961a08e00cd5cdb35f554fbc3876b3c7906abd10
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 1efc1ec1f76f5778c5a8267c8679fd4fa7125885d53b30129732a6d2ef568556

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
s390x
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.s390x.rpm SHA-256: 55f24679b505376ae60c3c39c8f31d2deaf41560c263bf898736f06c843f0ce7
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.s390x.rpm SHA-256: 64e2519f8b65cca05487474ebf53ba20435fe4e4576868a2d24bd163823cbd8b
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.s390x.rpm SHA-256: b15f9daa0cb90df314782b667eefeccdcc239065d9bb042bd1d738df97132012
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.s390x.rpm SHA-256: 070558de8059c993992c001303672f5c3c155c432345d25f6b1b944df2deede1
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.s390x.rpm SHA-256: 2d552729a898fc0ab9eb53b4d077b8b7633177ef9accedb2bf73d7965f76be34

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
s390x
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.s390x.rpm SHA-256: 55f24679b505376ae60c3c39c8f31d2deaf41560c263bf898736f06c843f0ce7
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.s390x.rpm SHA-256: 64e2519f8b65cca05487474ebf53ba20435fe4e4576868a2d24bd163823cbd8b
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.s390x.rpm SHA-256: b15f9daa0cb90df314782b667eefeccdcc239065d9bb042bd1d738df97132012
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.s390x.rpm SHA-256: 070558de8059c993992c001303672f5c3c155c432345d25f6b1b944df2deede1
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.s390x.rpm SHA-256: 2d552729a898fc0ab9eb53b4d077b8b7633177ef9accedb2bf73d7965f76be34

Red Hat Enterprise Linux for Power, little endian 8

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
ppc64le
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.ppc64le.rpm SHA-256: dfa4690511f52d074355c260bb0d6255b2acec23a1a66d9511f983239dc1564a
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: 544fa65ac7068a5f6cd106c7c95b2a4dc9c9a3adb6e488758a48711bc790bf06
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: c8802cdca323b3fdab02928d2a97cfee87aaf1bff8674a9929b0c14dba6a5534
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.ppc64le.rpm SHA-256: f33ce65ec1cd6faf3478f0273fcf926a419128bdc36ba1012812f4f3c478c990
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: c902d298cef9399aee98113ae33298847cb239bee11e780fc18280650cd769bd

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
ppc64le
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.ppc64le.rpm SHA-256: dfa4690511f52d074355c260bb0d6255b2acec23a1a66d9511f983239dc1564a
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: 544fa65ac7068a5f6cd106c7c95b2a4dc9c9a3adb6e488758a48711bc790bf06
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: c8802cdca323b3fdab02928d2a97cfee87aaf1bff8674a9929b0c14dba6a5534
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.ppc64le.rpm SHA-256: f33ce65ec1cd6faf3478f0273fcf926a419128bdc36ba1012812f4f3c478c990
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: c902d298cef9399aee98113ae33298847cb239bee11e780fc18280650cd769bd

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
x86_64
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.x86_64.rpm SHA-256: 79e88c8ca1b7c61cb68d845c2e126d149fc92c77d4c360251da204845f0e99cb
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 007d766a819c314bcba5773f98b5910ba64d1b7e8950cb49270ea5507ae811bf
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: dcc854979fe9079fdfcf1e4574d279c686dc4382465f4f2baef7b957fec0d443
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.x86_64.rpm SHA-256: 87958ac40d57e8b3fdb32e47961a08e00cd5cdb35f554fbc3876b3c7906abd10
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 1efc1ec1f76f5778c5a8267c8679fd4fa7125885d53b30129732a6d2ef568556

Red Hat Enterprise Linux for ARM 64 8

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
aarch64
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.aarch64.rpm SHA-256: e6dd38cac58d2ee1007e0ea13af63a6b34a47d1d282d68effd53ee20acf46b99
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.aarch64.rpm SHA-256: 744ab862d1414b1b2b5409efcf100a27c2020d37821cfe5624f5097028e750ee
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.aarch64.rpm SHA-256: 9666bb1f86f18d6babf62e99a82f8cd2ea96bf099552f46ce7558cff514e52de
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.aarch64.rpm SHA-256: 4956d347c0a02772cc5c3a961b92df37181a4b5a8c22bd97b60180de849c0789
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.aarch64.rpm SHA-256: 22717c3d3056a500188c39ecfbaccd478678c8a763cf1de69c8a8a821ea6b62c

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
aarch64
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.aarch64.rpm SHA-256: e6dd38cac58d2ee1007e0ea13af63a6b34a47d1d282d68effd53ee20acf46b99
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.aarch64.rpm SHA-256: 744ab862d1414b1b2b5409efcf100a27c2020d37821cfe5624f5097028e750ee
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.aarch64.rpm SHA-256: 9666bb1f86f18d6babf62e99a82f8cd2ea96bf099552f46ce7558cff514e52de
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.aarch64.rpm SHA-256: 4956d347c0a02772cc5c3a961b92df37181a4b5a8c22bd97b60180de849c0789
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.aarch64.rpm SHA-256: 22717c3d3056a500188c39ecfbaccd478678c8a763cf1de69c8a8a821ea6b62c

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
ppc64le
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.ppc64le.rpm SHA-256: dfa4690511f52d074355c260bb0d6255b2acec23a1a66d9511f983239dc1564a
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: 544fa65ac7068a5f6cd106c7c95b2a4dc9c9a3adb6e488758a48711bc790bf06
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: c8802cdca323b3fdab02928d2a97cfee87aaf1bff8674a9929b0c14dba6a5534
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.ppc64le.rpm SHA-256: f33ce65ec1cd6faf3478f0273fcf926a419128bdc36ba1012812f4f3c478c990
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.ppc64le.rpm SHA-256: c902d298cef9399aee98113ae33298847cb239bee11e780fc18280650cd769bd

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
gcc-toolset-11-annobin-9.85-1.el8_5.1.src.rpm SHA-256: 2f37d720d4429f095346aa41eb687459dfa9ad25d8c99c97cb397e36ea319183
x86_64
gcc-toolset-11-annobin-annocheck-9.85-1.el8_5.1.x86_64.rpm SHA-256: 79e88c8ca1b7c61cb68d845c2e126d149fc92c77d4c360251da204845f0e99cb
gcc-toolset-11-annobin-annocheck-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 007d766a819c314bcba5773f98b5910ba64d1b7e8950cb49270ea5507ae811bf
gcc-toolset-11-annobin-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: dcc854979fe9079fdfcf1e4574d279c686dc4382465f4f2baef7b957fec0d443
gcc-toolset-11-annobin-docs-9.85-1.el8_5.1.noarch.rpm SHA-256: e1d8728c650aeb210f8f062b5ce3fd796bf1ca9f5edf35eb1f5b70960074871b
gcc-toolset-11-annobin-plugin-gcc-9.85-1.el8_5.1.x86_64.rpm SHA-256: 87958ac40d57e8b3fdb32e47961a08e00cd5cdb35f554fbc3876b3c7906abd10
gcc-toolset-11-annobin-plugin-gcc-debuginfo-9.85-1.el8_5.1.x86_64.rpm SHA-256: 1efc1ec1f76f5778c5a8267c8679fd4fa7125885d53b30129732a6d2ef568556

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.