vulnerability
Rocky Linux: CVE-2024-3094: xz: Embedded Malicious Code
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | 03/29/2024 | 04/15/2024 | 04/15/2024 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
03/29/2024
Added
04/15/2024
Modified
04/15/2024
Description
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0.
Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
Solution
linux-cve-2024-3094
References
- NVD-CVE-2024-3094
- URL-https://access.redhat.com/security/cve/CVE-2024-3094
- URL-https://explore.alas.aws.amazon.com/CVE-2024-3094.html
- URL-https://www.openwall.com/lists/oss-security/2024/03/29/4
- URL-https://www.rapid7.com/blog/post/2024/04/01/etr-backdoored-xz-utils-cve-2024-3094/
- URL-https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.