This project contains a shell script designed to help users identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6).

bongdev/CVE-2024-3094-Vulnerability-Checker-Fixer

What is CVE-2024-3094?

CVE-2024-3094 is a critical security vulnerability discovered in the upstream tarballs of the xz utility, starting with version 5.6.0. This vulnerability involves malicious code that, through complex obfuscations, manipulates the build process of liblzma.

XZ Utils is "present in nearly every Linux distribution".

During the build, a prebuilt object file is extracted from a disguised test file within the source code. This file then modifies specific functions in the liblzma code, resulting in a compromised liblzma library. Any software linked against this modified library can have its data interactions intercepted and altered by the backdoor, posing significant security risks.

Patching

This is the most critical and the recommended mitigation strategy. Update your XZ Utils package to the patched version released by your Linux distribution provider. These updates address the vulnerability and eliminate the backdoor code.

CVE-2024-3094 Vulnerability Checker & Fixer

Treat this script as a temporary measure until your distribution's permanent patch is applied. It is still useful for finding out whether you are running a compromised version.

This project contains a simple shell script designed to help users identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, uncompromised version (5.4.6).

Overview

CVE-2024-3094 is a critical security vulnerability found in specific versions of xz-utils, a widely used compression tool. This script automates the process of checking your system for the vulnerable versions and provides a prompt to download and install a secure version if necessary.
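The detection step described above, as an added illustration in POSIX sh (this is not the repository's CVE-2024-3094.sh, which is not shown on this page): it parses the two lines of `xz --version` output, flags the affected 5.6.0 and 5.6.1 releases, and reports the tool and the library separately, since a statically linked `xz` and the system `liblzma` can differ. The sample `--version` outputs used for the self-check are constructed.

```shell
#!/bin/sh
# Added example: detect xz-utils / liblzma versions affected by CVE-2024-3094.
# Not the repository's own script; written independently for illustration.

# Return 0 if the version string is one of the known-affected releases.
is_vulnerable_xz_version() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Extract "X.Y.Z" from one line of `xz --version` output, e.g.
# "xz (XZ Utils) 5.6.1" -> "5.6.1" or "liblzma 5.6.1" -> "5.6.1".
# Prints nothing when the line carries no version.
version_from_line() {
    printf '%s\n' "$1" |
        sed -n 's/.*[[:space:]]\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Check complete `xz --version` output (tool line and liblzma line).
# Prints one verdict per line; returns 0 if any component is affected, 1 if none is.
# A here-document is used instead of a pipe so the loop runs in the current shell.
check_xz_version_output() {
    affected=1
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        v=$(version_from_line "$line")
        [ -n "$v" ] || continue
        if is_vulnerable_xz_version "$v"; then
            echo "AFFECTED (CVE-2024-3094): $line"
            affected=0
        else
            echo "ok: $line"
        fi
    done <<EOF
$1
EOF
    return $affected
}

# Check the xz found in PATH; returns 0 when affected, 1 otherwise.
check_system_xz() {
    command -v xz >/dev/null 2>&1 || { echo "xz not found in PATH"; return 1; }
    check_xz_version_output "$(xz --version 2>/dev/null)"
}

# Only touch the live system when explicitly asked: ./check.sh --system
if [ "${1:-}" = "--system" ]; then
    check_system_xz
fi
```

A reported version number is only a coarse signal: some distributions shipped rebuilt, backdoor-free packages that still report a 5.6.x version, so your vendor's advisory and package changelog remain authoritative.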

Prerequisites

Before running this script, ensure your system has the following:

  • wget or curl for downloading the source code of xz-utils.
  • Compilation tools (gcc, make) for building xz-utils from source.
  • sudo privileges to install the newly compiled version of xz-utils.

Usage

  1. Download the Script

    First, clone this repository or download the script directly using wget or curl.

  2. Make the Script Executable

    Change the permission of the script file to make it executable.

    chmod +x CVE-2024-3094.sh

  3. Run the Script

    Execute the script. It will automatically detect your system's xz-utils version and guide you through the process of fixing the vulnerability.

    ./CVE-2024-3094.sh

    Follow the on-screen prompts to complete the process.

Manual Fix

If you prefer to manually address the vulnerability or if the script encounters any issues, follow the steps outlined in the script's comments to download, compile, and install a safe version of xz-utils.

Contributing

Contributions to improve this script or extend its capabilities are welcome. Please feel free to submit pull requests or create issues for bugs and feature requests.

License

MIT License

Disclaimer

This script is provided "as is", without warranty of any kind. Use it at your own risk. Always backup your data before making system changes.
