<!--X-Body-Begin-->
<!--X-User-Header-->
oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: backdoor in upstream xz/liblzma leading to ssh server compromise
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Matthias Weckbecker <matthias () weckbecker name>
Date: Fri, 29 Mar 2024 19:44:05 +0100
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Hi Andres,
thanks for the nice write-up.
I've attached a yara rule to detect the *.o droplet you attached in the
email (liblzma_la-crc64-fast.o.gz).
I'll look more into this as soon as I return from holidays. Again, nice
write-up. Thanks!
Matthias
Attachment:
CVE-2024-3094-o.yara
Description:
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
By Date
By Thread
Current thread:
Re: backdoor in upstream xz/liblzma leading to ssh server compromise, (continued)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alex Gaynor (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Anthony Liguori (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Andres Freund (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alex Gaynor (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Jeffrey Walton (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Ivan Delalande (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Vegard Nossum (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alexander E. Patrakov (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Alexander E. Patrakov (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Rein Fernhout (Levitating) (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Matthias Weckbecker (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Andres Freund (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Loganaden Velvindron (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise Tavis Ormandy (Mar 29)
Re: backdoor in upstream xz/liblzma leading to ssh server compromise sjw (Mar 29)
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->