Linux again with a “hole”. Backdoor discovery in xz library

Linux again with a “hole”. Backdoor discovery in xz library
Linux again with a “hole”. Backdoor discovery in xz library
-

A backdoor consists of exploiting a vulnerability that allows unauthorized access to an operating system. A backdoor was recently discovered in the xz library for Linux.

Linux again with

 

Linux: SSH attacks possible

The xz library is used on Linux systems as a compression library that implements the LZMA2 algorithm. This library provides a high compression ratio and good decompression speed.

According to the information, the backdoor was discovered after a user observed some strange symptoms in the liblzma library, which is part of the xz package. From what is known, a backdoor was implemented in the upstream xz repository and xz tarballs.

Linux again with

By having this port open on the system, an attacker could remotely access a machine via SSH. This flaw in Linux affects the most diverse distributions. It should also be noted that the backdoor was discovered, as the user went to investigate why SSH connections now have double the latency.

See more

There is still no concrete information regarding who implemented this backdoor, but we already suspect someone, taking into account the history. There will certainly be more details about this failure in the coming days. You can follow the vulnerability here – CVE-2024-3094 (which has a severity rating of 10 out of 10).


The article is in Portuguese

Tags: Linux hole Backdoor discovery library

-

-

PREV Is it worth buying a Polystation in 2024?
NEXT Did you run out of gas? Palworld has lost 97% of players since its launch