Dev1 Galaxy Forum / CVE-2024-3094: LZMA/XZ security report

Re: CVE-2024-3094: LZMA/XZ security report

dummy@example.com (EDX-0) — Mon, 08 Apr 2024 12:10:28 +0000

fun enough, systemd does link xz-utils so machines running systemd with xz-utils 5.6.0 are extra compromised with an init level backdoor...

Re: CVE-2024-3094: LZMA/XZ security report

dummy@example.com (siva) — Tue, 02 Apr 2024 14:55:33 +0000

My references weren't related directly to Devuan but I get your point.

Re: CVE-2024-3094: LZMA/XZ security report

dummy@example.com (soren) — Mon, 01 Apr 2024 01:29:48 +0000

Perhaps admin might sticky this one instead of having more of these threads pop up, at least until this category 5 hurricane of an exploit is fully fleshed out and realized. No disrespect siva but this is about the 5th thread on this subject.

CVE-2024-3094: LZMA/XZ security report

dummy@example.com (siva) — Sun, 31 Mar 2024 23:04:42 +0000

Thought the group might find this interesting.

From Red Hat:

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.