irfan, There's a huge backdoor (#CVE-2024-3094) allowing remote SSH access (as far as I can tell at this moment) caused by a util called #xz affecting a ton of systems (#Linux and #macOS, well not really) and it's causing quite a huge panic. I honestly don't know much about it just yet, but just sharing some pieces to read about the huge vulnerability.
The person who had maliciously planted this vulnerability into xz-utils, Jia Tan, has made at least 750 contributions to the project over the past 2 years. They even have direct push access to the code repo, allowing them to have pushed commits with forged authors. Being "free" from this vulnerability is not as simple as reverting to a previous version due to just how much and how long they've contributed to the project, and people are rightfully suspicious that this person might have hidden other backdoors in xz.
Unlike most other vulnerabilities, it's a lot harder to pinpoint versions affected by this but the most likely case is most systems out there have xz installed on their system that are impacted - which at this moment, the info being thrown around is any version past 5.3.1, 5.4.6, or 5.6.0 (latest is 5.6.1).
🔗 https://access.redhat.com/security/cve/CVE-2024-3094
🔗 https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users