Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Re: backdoor in upstream xz/liblzma leading to ssh server compromise

Related Vulnerabilities: CVE-2024-3094  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->

oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->

By Date

By Thread

</form>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: backdoor in upstream xz/liblzma leading to ssh server compromise

<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->

From: Matthias Weckbecker &lt;matthias () weckbecker name&gt;

Date: Fri, 29 Mar 2024 19:44:05 +0100

<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->

<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Hi Andres,

thanks for the nice write-up.

I've attached a yara rule to detect the *.o droplet you attached in the
email (liblzma_la-crc64-fast.o.gz).

I'll look more into this as soon as I return from holidays. Again, nice
write-up. Thanks!

Matthias
Attachment:
CVE-2024-3094-o.yara
Description: 

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->

<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->

By Date

By Thread

Current thread:

Re: backdoor in upstream xz/liblzma leading to ssh server compromise, (continued)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alex Gaynor (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Anthony Liguori (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Andres Freund (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alex Gaynor (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Jeffrey Walton (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Ivan Delalande (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Vegard Nossum (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alexander E. Patrakov (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alexander E. Patrakov (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Rein Fernhout (Levitating) (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Matthias Weckbecker (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Andres Freund (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Loganaden Velvindron (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise Tavis Ormandy (Mar 29)

Re: backdoor in upstream xz/liblzma leading to ssh server compromise sjw (Mar 29)

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started