CVE-2024-3094
| CVE identifier(s) | CVE-2024-3094 |
|---|---|
| Date discovered | March 29, 2024 |
| Discoverer | Andres Freund |
| Affected software | xz / liblzma library |
CVE-2024-3094 is a software backdoor and supply chain attack maliciously introduced into the Linux utility xz / liblzma in version 5.6.0 in February 2024. xz is commonly deployed as part of the widely used OpenSSH daemon, and exploiting the backdoor is expected to give the attacker remote code execution on any Linux system running the affected version.
It has been assigned a CVE severity score of 10/10.[1]
Background
On 29 March 2024, security researcher Andres Freund reported the backdoor after investigating a performance regression in Debian Sid.[2] According to the analysis by Red Hat, the backdoor can "enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely". There is evidence that the attacker made efforts to obfuscate the backdoor.[3][4]
Response
The Cybersecurity and Infrastructure Security Agency (CISA), the US federal agency responsible for cyber infrastructure, has issued a security advisory recommending that affected devices roll back to a previous uncompromised version.[5] Linux software vendors, including Red Hat,[6] SUSE,[7] and Debian,[8] have mirrored the CISA advisory and reverted the affected packages to the known-safe version.
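A defender's check for the rollback recommended above, added here as an example and not taken from the article or from any of the cited advisories: it classifies an xz version string as one of the compromised releases (5.6.0, as stated above, and 5.6.1, which the cited CISA advisory also lists) and tests whether an sshd binary loads liblzma. The function names and the `XZ_CHECK_LIVE` switch are my own; the live part assumes `xz` and `ldd` are present on the host.

```shell
#!/bin/sh
# Added example, not from the article: classify an installed xz/liblzma
# version as a backdoored release and check whether sshd pulls in liblzma.

# Return 0 (true) when the version string is one of the compromised releases
# (5.6.0 per the article, 5.6.1 per the CISA advisory it cites).
xz_version_affected() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Extract the version number from the first line of `xz --version` output,
# e.g. "xz (XZ Utils) 5.6.0" -> "5.6.0". Takes the output text as $1.
parse_xz_version() {
    printf '%s\n' "$1" | sed -n '1s/.*[[:space:]]\([0-9][0-9.]*\)$/\1/p'
}

# Return 0 when ldd output (passed as $1 so this is testable offline)
# shows liblzma being loaded, directly or through another library.
sshd_links_liblzma() {
    printf '%s\n' "$1" | grep -q 'liblzma'
}

# Live check against this host; only runs when XZ_CHECK_LIVE=1 is set.
if [ "${XZ_CHECK_LIVE:-0}" = "1" ]; then
    ver=$(parse_xz_version "$(xz --version 2>/dev/null | head -n1)")
    if xz_version_affected "$ver"; then
        echo "xz $ver is a backdoored release: roll back per the CISA advisory"
    else
        echo "xz ${ver:-unknown} is not a known-backdoored release"
    fi
    sshd_bin=$(command -v sshd || echo /usr/sbin/sshd)
    if [ -x "$sshd_bin" ] && sshd_links_liblzma "$(ldd "$sshd_bin" 2>/dev/null)"; then
        echo "$sshd_bin loads liblzma: exposed if that library is 5.6.0 or 5.6.1"
    fi
fi
```

Run with `XZ_CHECK_LIVE=1 sh check.sh` to inspect the local host; a backdoored release is reported even when sshd does not load liblzma, since the rollback applies either way.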
References
1. Gatlan, Sergiu. "Red Hat warns of backdoor in XZ tools used by most Linux distros". BleepingComputer. Retrieved 29 March 2024.
2. Zorz, Zeljka (29 March 2024). "Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)". Help Net Security. Retrieved 29 March 2024.
3. Larabel, Michael. "XZ Struck By Malicious Code That Could Allow Unauthorized Remote System Access". www.phoronix.com. Retrieved 29 March 2024.
4. O’Donnell-Welch, Lindsey (29 March 2024). "Red Hat, CISA Warn of XZ Utils Backdoor". Decipher. Retrieved 29 March 2024.
5. "Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094 | CISA". www.cisa.gov. 29 March 2024. Retrieved 29 March 2024.
6. "Urgent security alert for Fedora 41 and Fedora Rawhide users". www.redhat.com. Retrieved 29 March 2024.
7. "SUSE addresses supply chain attack against xz compression library | SUSE Communities". www.suse.com. Retrieved 29 March 2024.
8. "[SECURITY] [DSA 5649-1] xz-utils security update". lists.debian.org. Retrieved 29 March 2024.
This article "CVE-2024-3094" is from Wikipedia. The list of its authors can be seen in its history and/or on the page Edithistory:CVE-2024-3094. Articles copied from the Draft namespace on Wikipedia can be seen in the Draft namespace of Wikipedia and not the main one.