A Shocking Discovery in Linux Community: Backdoor Uncovered in xz-utils Package
The Linux community was recently rocked by the discovery of a backdoor in versions 5.6.0 to 5.6.1 of the widely used xz-utils package, posing a major security threat to Linux distributions including Kali Linux.
Vulnerability Pose Risk of Unauthorized Remote Access
The vulnerability, known as CVE-2024-3094, puts systems at risk of compromised sshd authentication, potentially allowing malicious actors to gain unauthorized access to networks and sensitive information.
With xz-utils being a trusted and widely used data compression library, the severity of this backdoor has raised serious concerns for the security of Linux users.
Immediate Action Required for Kali Linux Users
Kali Linux users who updated their installations between March 26th and March 29th, 2024, are at risk of having installed the compromised version (5.6.0-0.2) of xz-utils.
To check if your system is affected, run the command “apt-cache policy liblzma5” and if it shows version 5.6.0-0.2, it is crucial to upgrade to version 5.6.1+really5.4.5-1 immediately with the commands “sudo apt update && sudo apt install -y –only-upgrade liblzma5.”
Stay Informed and Protected
To prevent such incidents and protect the integrity of open-source software, it is vital for users to stay updated on potential vulnerabilities and apply updates and patches promptly. Follow us on LinkedIn and Twitter to stay informed about Cybersecurity news and updates.