xz package is severely affected with injected code in some linux distributions.

xz package is severely affected with injected code in some linux distributions.

zetabeta
Pine Scholar

Joined: Jul 2020

Posts: 431

Reputation: 44

03-29-2024, 02:57 PM

xz package is severely affected with injected code in some linux distributions.

xz library in this case can infect sshd, ssh server. we probably know details later, but ssh server is compromised somehow. and it is not known how this vulnerability is used in the wild.

upgrade or downgrade depending on a distribution asap.

https://lists.debian.org/debian-security...00057.html

https://www.openwall.com/lists/oss-secur...24/03/29/4

https://www.redhat.com/en/blog/urgent-se...hide-users

https://infosec.exchange/@kalilinux/112180505434870941

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	Has anyone successfully flashed an Ox64 (128Mb) from linux?	slondr	3	1,951	02-12-2024, 12:50 AM Last Post: Pavlos1
	[Article] Ox64 BL808 RISC-V SBC: Booting Linux and (maybe) Apache NuttX RTOS	lupyuen	2	858	11-04-2023, 08:41 PM Last Post: lupyuen
	Possible new Pine64 product - Pine Blue Ray DVD Linux tv box	Omnios	5	1,550	07-24-2023, 03:21 PM Last Post: Omnios
	[Article] Booting RISC-V Linux on Star64 JH7110 SBC	lupyuen	3	1,515	07-05-2023, 02:04 AM Last Post: balbes150
	[Article] Inspecting the RISC-V Linux Images for Star64 SBC	lupyuen	3	1,373	06-29-2023, 05:09 AM Last Post: balbes150
	Concerns about Linux future	Chief	15	6,625	01-20-2023, 05:23 AM Last Post: thaleszop
	Online Linux Terminals	palak231	1	996	09-13-2022, 01:50 PM Last Post: anonymous
	Linux desktop on a Snapdragon 870 phone.	Vasant	0	1,272	06-23-2022, 12:40 PM Last Post: Vasant
	Linux support for RK3588	adiboc	0	3,379	02-10-2022, 01:16 PM Last Post: adiboc
	Linux vs NetBSD NIS passwords	KC9UDX	20	17,084	08-19-2021, 02:20 AM Last Post: Gribouille

Forum Jump:

Users browsing this thread: 1 Guest(s)

About Us