Malicious backdoor sneaks into xz, Linux world’s data compression library and tool

March 29, 2024 at 06:05PM

Red Hat has warned about a backdoor in the xz compression library affecting Fedora Linux 40, 41, and Rawhide. The vulnerability, rated 10/10 in severity, provides remote backdoor access and interferes with sshd authentication. Users are advised to stop using Fedora Rawhide instances. Red Hat Enterprise Linux (RHEL) is not affected. The backdoor is suspected to be the work of a sophisticated attacker.

Key takeaways:

– A malicious backdoor has been found in the xz data compression library, potentially affecting Fedora Linux 40, 41, and Fedora Rawhide.
– The vulnerability is rated 10 out of 10 in severity (CVE-2024-3094).
– Users of Fedora Rawhide are advised to immediately stop usage, as the distribution will be reverted to xz-5.4.x shortly.
– Red Hat Enterprise Linux (RHEL) is not affected by this vulnerability.
– The malicious code has been obfuscated and may interfere with SSH access, potentially allowing unauthorized access to affected systems.
– The US Cybersecurity and Infrastructure Security Agency (CISA) has been notified of the incident.
