danielleaminov
I've been looking into how the xz backdoor works and drew this sketch to make it easier to understand.
I'll update it as new information comes to light ✨
Apr 2, 2024 at 8:45amWeb
Show threaddanielleaminovApr 2, 2024
Check out our blogpost for more information 💫
https://www.wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils
CVE-2024-3094: Critical RCE Vulnerability Found in XZ Utils | Wiz Blog

CVE-2024-3094 is a malicious code vulnerability in versions 5.6.0 and 5.6.1 of XZ Utils, enabling an SSH authentication bypass in certain Linux distributions

wiz.io