Backdoor In Common Linux Utility XZ, Multiple Distros Affected: Everything We Know

March 30, 2024 | Categories: Threats

On March 29, 2024, a malicious backdoor was discovered to have been inserted into the xz data compression library in a software supply chain attack, impacting multiple Linux distributions including Red Hat, Fedora, Fedora Rawhide, SUSE, Debian, and Kali Linux. The compromised versions, xz 5.6.0 and 5.6.1, include malicious code granting remote access through OpenSSH and systemd; the issue is tracked as CVE-2024-3094.

Users of these platforms are advised to take appropriate action to mitigate the impact of this backdoor, which could have included remote access by malicious actors, password compromise, and/or full system compromise of affected systems.
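As a first triage step, the following added example (not part of the original post or of any vendor tooling) classifies `xz --version` output against the two releases named above, and checks whether sshd's `ldd` output lists liblzma, since the post names OpenSSH as the access path. The function names and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): triage for CVE-2024-3094.
# Affected releases per this post: xz 5.6.0 and 5.6.1.

# Constructed sample inputs, shaped like `xz --version` and `ldd sshd` output.
SAMPLE_XZ_BAD='xz (XZ Utils) 5.6.1
liblzma 5.6.1'
SAMPLE_XZ_OK='xz (XZ Utils) 5.4.5
liblzma 5.4.5'
SAMPLE_LDD='    libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f0000000000)
    liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f0000100000)'

# classify_xz_output TEXT: print affected, not-affected or unknown.
# Every x.y.z number in TEXT is checked, so a clean xz binary paired with a
# compromised liblzma is still reported as affected.
classify_xz_output() {
    xz_versions=$(printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+' || true)
    [ -n "$xz_versions" ] || { echo unknown; return 0; }
    for xz_v in $xz_versions; do
        case "$xz_v" in
            5.6.0|5.6.1) echo affected; return 0 ;;
        esac
    done
    echo not-affected
}

# links_liblzma LDD_TEXT: succeed when the ldd output lists liblzma.
links_liblzma() {
    printf '%s\n' "$1" | grep -q 'liblzma\.so'
}

# assess XZ_TEXT LDD_TEXT: combine both checks into one finding.
assess() {
    case "$(classify_xz_output "$1")" in
        affected)
            if links_liblzma "$2"; then echo affected-sshd-linked
            else echo affected-lib-only; fi ;;
        not-affected) echo not-affected ;;
        *) echo unknown ;;
    esac
}

# Live check on this host; skipped when xz is not installed.
if command -v xz >/dev/null 2>&1; then
    sshd_bin=$(command -v sshd 2>/dev/null || echo /usr/sbin/sshd)
    ldd_text=$(ldd "$sshd_bin" 2>/dev/null || true)
    echo "this host: $(assess "$(xz --version 2>/dev/null)" "$ldd_text")"
fi
```

An `affected` result on a real host is the cue to follow the distribution advisories linked in this post.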

Andres Freund, the developer who found the backdoor, posted information about it here:

backdoor in upstream xz/liblzma leading to ssh server compromise

CISA released information about the attack here.

Red Hat issued an advisory here.

Kali published a blog entry here.

Debian published some information here.

Evan Boehs wrote some additional information about the timeline of events here.

There were initial reports that macOS users who use Homebrew may be affected, but it appears the backdoor specifically targets libsystemd on Linux distributions, and it is unlikely to work on macOS systems.

More info here on GitHub.

More info here at Openwall.

Commentary here by Dave Aitel on Bugdoors vs. Backdoors.

This post will be updated as new information is learned.
