CVE-2024-3094 in XZ Utils may allow unauthorized access to Linux systems via sshd. Versions 5.6.0 and 5.6.1 of xz libraries contain malicious code.
Debian stable is not affected, but testing, unstable and experimental are. RedHat based distros are affected.
Check for linux updates today.
https://www.helpnetsecurity.com/2024/03/29/cve-2024-3094-linux-backdoor/
Nikola Mitev
npub10f5…0k9z
2024-03-30 07:00:34
Author Public Key
npub10f57ta30esswsxlw5arp49z7v5cl33u5ggqdpv7tfnrr24kygyrq830k9zPublished at
2024-03-30 07:00:34Event JSON
{
"id": "28c8cca5b6bc2ea8ce691ac5ea4f0fc4ca8063b6c4540e9fb5c9fbf4ca8ac571",
"pubkey": "7a69e5f62fcc20e81beea7461a945e6531f8c7944200d0b3cb4cc63556c44106",
"created_at": 1711778434,
"kind": 1,
"tags": [
[
"r",
"https://www.helpnetsecurity.com/2024/03/29/cve-2024-3094-linux-backdoor/"
]
],
"content": "CVE-2024-3094 in XZ Utils may allow unauthorized access to Linux systems via sshd. Versions 5.6.0 and 5.6.1 of xz libraries contain malicious code.\n\nDebian stable is not affected, but testing, unstable and experimental are. RedHat based distros are affected.\n\nCheck for linux updates today.\n\n\n\nhttps://www.helpnetsecurity.com/2024/03/29/cve-2024-3094-linux-backdoor/\n",
"sig": "4b8c1591197e97ef75069df8ed277728ddcde4e174df3c0cdb65e606c563f8422ed10d08292e58122416bd23af01ef0f76601fe907a6b050b77dfcfb20ce6cc7"
}