Verify that your XZ Utils version is not vulnerable to CVE-2024-3094
```
┌──(lypd0㉿kali)-[~]
└─$ ./CVE-2024-3094_checker.sh
___ _ _ ____ ___ ___ ___ __ ___ ___ ___ __
/ __)( \/ )( ___)___(__ \ / _ \(__ \ /. | ___(__ ) / _ \ / _ \ /. |
( (__ \ / )__)(___)/ _/( (_) )/ _/(_ _)(___)(_ \( (_) )\_ /(_ _)
\___) \/ (____) (____)\___/(____) (_) (___/ \___/ (_/ (_)
[*] You are NOT vulnerable to CVE-2024-3094.
```
CISA (Cybersecurity and Infrastructure Security Agency) and the open-source community have responded to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity has been assigned CVE-2024-3094.
XZ Utils is data compression software commonly present in Linux distributions. The presence of malicious code in these versions may allow unauthorized access to affected systems.
CISA recommends that developers and users take the following actions if their systems are found to be vulnerable:
- Downgrade XZ Utils: If you are using version 5.6.0 or 5.6.1, downgrade to an uncompromised version, such as XZ Utils 5.4.6 Stable.
- Hunt for Malicious Activity: After downgrading, thoroughly search for any signs of malicious activity within your systems.
- Report Findings: If you detect any malicious activity or suspicious behavior, report your findings to CISA for further investigation.
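
The version check described above can be expressed as a small POSIX shell function. This is an added example, not the repository's `CVE-2024-3094_checker.sh`; the function names and verdict strings are assumptions. It classifies the two version lines that `xz --version` prints (the `xz` binary and `liblzma`) against the releases named in the advisory, and reports `UNKNOWN` rather than a clean result when no version can be parsed.

```shell
#!/bin/sh
# Added example (not the repository's CVE-2024-3094_checker.sh).
# Classifies `xz --version` output against the releases named in the advisory.

# Reads `xz --version` output on stdin and prints one verdict.
# Return status: 0 = NOT_VULNERABLE, 1 = VULNERABLE, 2 = UNKNOWN.
classify_xz_output() {
    xzc_seen=0
    while IFS= read -r xzc_line || [ -n "$xzc_line" ]; do
        # Only the xz and liblzma version lines matter; skip anything else.
        case "$xzc_line" in
            "xz (XZ Utils) "*|"liblzma "*) ;;
            *) continue ;;
        esac
        xzc_ver=${xzc_line##* }        # last space-separated field
        case "$xzc_ver" in
            5.6.0|5.6.1)               # releases listed for CVE-2024-3094
                echo "VULNERABLE"
                return 1 ;;
            [0-9]*.[0-9]*.[0-9]*)      # any other well-formed version
                xzc_seen=1 ;;
        esac
    done
    if [ "$xzc_seen" -eq 1 ]; then
        echo "NOT_VULNERABLE"
        return 0
    fi
    echo "UNKNOWN"                     # no parsable version line was seen
    return 2
}

# Runs the classifier against the locally installed xz, if there is one.
check_local_xz() {
    if ! command -v xz >/dev/null 2>&1; then
        echo "UNKNOWN"
        return 2
    fi
    xz --version 2>/dev/null | classify_xz_output
}

# Only act when explicitly asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then
    check_local_xz
    exit $?
fi
```

Run the file with `--check` to test the local installation; a host where the `xz` binary and `liblzma` report different versions is flagged if either one matches.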