- Secret backdoor discovered in XZ Utils compression library affecting major Linux distros like Fedora, Kali Linux, and openSUSE.
- RedHat issued an urgent security alert about the backdoored XZ Utils versions 5.6.0 and 5.6.1, with a severity score of 10.0.
- Malicious code inserted into XZ Utils library can compromise the sshd daemon process for SSH, potentially allowing unauthorized remote access.
- Microsoft security researcher Andres Freund identified the issue, linked to a user named JiaT75 on GitHub, prompting GitHub to disable the XZ Utils repository.
- CISA recommends downgrading XZ Utils to a safe version, with active exploitation not reported yet and certain Linux distributions unaffected.
https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
Related Video
Published on: March 29, 2024
Description: Backdoor found in xz liblzma specifically targets the RSA implementation of OpenSSH. Story still developing.
malicious backdoor found in ssh libraries
Related Wikipedia Articles
Topics: No responseResponse
Response may refer to: Call and response (music), musical structure Reaction (disambiguation) Request–response Output or response, the result of telecommunications input Response (liturgy), a line answering a versicle Response (music) or antiphon, a response to a psalm or other part of a religious service Response, a phase in emergency management...
Read more: Response
