Critical Backdoor Discovered in XZ Utilities Compromises Linux Security

March 29, 2024 at 06:50 PM

•

1 min read

Critical Backdoor Discovered in XZ Utilities Compromises Linux Security — Photo: Ars Technica

TL;DR Summary

Malicious code was discovered in the widely used xz Utils compression tool, affecting versions 5.6.0 and 5.6.1, which made its way into beta releases of major Linux distributions, including Red Hat and Debian. The backdoor was designed to break SSH authentication, potentially allowing unauthorized access to systems. While the malicious versions were caught before being added to production releases, users are advised to check with their distributors to determine if their systems are affected.

Topics:technology #backdoor #cybersecurity #linux #ssh #supply-chain-attack #xz-utils

Share this article

Backdoor found in widely used Linux utility breaks encrypted SSH connections Ars Technica
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) Help Net Security
Red Hat warns of backdoor in XZ tools used by most Linux distros BleepingComputer
Red Hat, CISA Warn of XZ Utils Backdoor Duo Security
XZ tools and libraries compromised with a critical issue GamingOnLinux

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 5 min read

Condensed

91%

859 → 74 words

Want the full story? Read the original article

Read on Ars Technica

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights