
XZ Utils backdoor - Wikipedia
The malicious code is known to be in 5.6.0 and 5.6.1 releases of the XZ Utils software package. The exploit remains dormant unless a specific third-party patch of the SSH server is used. Under the right circumstances this interference could potentially enable a malicious actor to break sshd authentication and gain unauthorized access to the ...
What we know about the xz Utils backdoor that almost infected …
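April 1, 2024 · Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections.
XZ Backdoor (CVE-2024-3094) Vulnerability - Brief Analysis/Reproduction/Precise Defense - Zhihu
On March 29, 2024, Red Hat and the US Cybersecurity and Infrastructure Security Agency (CISA) jointly issued a warning that the popular Linux compression tool XZ Utils contains a wide-reaching, high-severity vulnerability (CVSS score 10). Because the XZ compression tool is present in a wide range of Linux distributions, checking for and fixing this vulnerability is the top priority for enterprise IT and security teams this week ...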
Backdoor found in widely used Linux utility targets encrypted SSH ...
March 29, 2024 · Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. The compression utility, known as...
FAQ on the xz-utils backdoor (CVE-2024-3094) - GitHub Gist
3 days ago · On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that gives developers lossless compression. This package is commonly used for compressing release tarballs, software packages, kernel images, and initramfs images.
CVE-2024-3094 XZ Backdoor: All you need to know - JFrog
March 31, 2024 · The sophisticated malicious payload that came with the affected versions of XZ Utils ran in the same process as the OpenSSH server (SSHD) and modified decryption routines in the OpenSSH server in order to allow specific remote attackers (that own a specific private key) to send arbitrary payloads through SSH which will be executed before the ...
CVE-2024–3094 — The XZ Utils Backdoor, a critical SSH ... - Medium
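May 14, 2024 · The SSH backdoor would allow remote unauthenticated attackers to achieve remote code execution on the infected systems bypassing the authentication in place. It was assigned CVE-2024–3094 with ...
Emergency Advisory: Backdoor Implanted in liblzma/xz Library (CVE-2024-3094) Affects SSH
March 30, 2024 · The upstream liblzma library used by SSH has been implanted with backdoor code; the malicious code may allow an attacker to gain unauthorized access to the system through the backdoored version of SSH. Backdoor incident: XZ is a lossless data compression format on Unix-like operating systems, often compared with other common data compression formats such as gzip and bzip2.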
Malicious Code in Linux xz Libraries Endangers SSH
March 30, 2024 · Andres Freund, a Microsoft principal software engineer, analyzed the xz malware. Freund found the attacker had injected an obfuscated script that activated the backdoor. In some cases, its main attack wouldn’t work, and the only result was to …
Critical Backdoor Found in XZ Utils (CVE-2024-3094) Enables SSH …
Discover how CVE-2024-3094 affects XZ Utils and enables SSH compromise. Get insights on detection, mitigation, and system security.