Security News > 2024 > March > Red Hat warns of backdoor in XZ tools used by most Linux distros

Red Hat warns of backdoor in XZ tools used by most Linux distros
2024-03-29 17:50

Today, Red Hat warned users to immediately stop using systems running Fedora development versions because of a backdoor found in the latest XZ Utils data compression tools and libraries.

"No versions of Red Hat Enterprise Linux are affected. We have reports and evidence of the injections successfully building in xz 5.6.x versions built for Debian unstable."

Red Hat is now tracking this supply chain security vulnerability as CVE-2024-3094, assigned it a 10/10 critical severity score, and reverted to 5.4.x versions of XZ in Fedora 40 beta.

"The resulting malicious build interferes with authentication in sshd via systemd. SSH is a commonly used protocol for connecting remotely to systems, and sshd is the service that allows access," Red Hat said.

Exploits released for Linux flaw giving root on major distros.

New 'Looney Tunables' Linux bug gives root on major distros.


News URL

https://www.bleepingcomputer.com/news/security/red-hat-warns-of-backdoor-in-xz-tools-used-by-most-linux-distros/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-03-29 CVE-2024-3094 Embedded Malicious Code vulnerability in Tukaani XZ 5.6.0/5.6.1
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0.
network
low complexity
tukaani CWE-506
critical
10.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 17 373 2478 1533 666 5050