Posted 3/29/2024, 6:50:34 PM
Backdoor Discovered in Popular Linux Compression Tool, Averted Major Impacts
- Malicious code was found in the xz Utils compression tool that is used in many Linux distributions
- The backdoor was introduced in versions 5.6.0 and 5.6.1 of xz Utils
- The backdoor breaks SSH authentication, allowing unauthorized remote access
- The backdoor was discovered before making it into production Linux releases, averting major impact
- Linux distributions like Red Hat and Debian have now reverted to older, non-backdoored versions of xz Utils