XZ Utils backdoor
id:
xz-utils-backdoor-185-8588432
title:
XZ Utils backdoor
text:
In February 2024, a malicious backdoor was introduced to the Linux utility xz within the liblzma library in versions 5.6.0 and 5.6.1 by an account using the name "Jia Tan". The backdoor gives an attacker who possesses a specific Ed448 private key remote code execution capabilities on the affected Linux system. The issue has been given the Common Vulnerabilities and Exposures number CVE-2024-3094 and has been assigned a CVSS score of 10.0, the highest possible score. While xz is commonly present
brand slug:
wiki
category slug:
encyclopedia
description:
Malicious software backdoor on Linux
original url:
https://en.wikipedia.org/wiki/XZ_Utils_backdoor
date created:
2024-03-29T21:55:32Z
date modified:
2024-09-07T20:19:45Z
main entity:
{"identifier":"Q125219823","url":"https://www.wikidata.org/entity/Q125219823"}
image:
{"content_url":"https://upload.wikimedia.org/wikipedia/commons/6/67/XZ_logo_contributed_by_Jia_Tan.png","width":266,"height":216}
fields total:
13
integrity:
16