{"uuid": "91464a2a-9cb7-46d3-a30b-6646c6c2126d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3094", "type": "exploited", "source": "https://t.me/information_security_channel/51920", "content": "Behind Enemy Lines: Understanding the Threat of the XZ Backdoor\nhttps://www.offsec.com/offsec/xz-backdoor/\n\nThe following is an excerpt from our new module on the recent XZ Utils backdoor, CVE-2024-3094.\n\u00a0\nOn Mar 29, 2024, at 12:00PM ET, Andres Freund posted (https://www.openwall.com/lists/oss-security/2024/03/29/4) on the Openwall mailing list about a backdoor he discovered in the XZ Utils (https://github.com/tukaani-project/xz) package. The backdoor targeted the OpenSSH (https://www.openssh.com/) binary, allowing remote code execution on impacted machines. This backdoor was not located in the GitHub repository, but only in release versions of the package, which hid its presence.\nGiven that XZ Utils had been installed (directly or indirectly) on billions of Linux systems worldwide, this finding stunned the international Linux and infosec communities.\nUnderstanding the Timeline of the Attack\nIn late 2021,\n... Read more \u00bb (https://www.offsec.com/offsec/xz-backdoor/)\nThe post Behind Enemy Lines: Understanding the Threat of the XZ Backdoor (https://www.offsec.com/offsec/xz-backdoor/) appeared first on OffSec (https://www.offsec.com/).", "creation_timestamp": "2024-04-09T20:13:46.000000Z"}