/CVE-2024-3094-checker

Quick and dirty PoC for checking whether a vulnerable version of xz-utils is installed (CVE-2024-3094)

Primary LanguageShell

CVE-2024-3094 checker

xz Utils versions 5.6.0 and 5.6.1 appear to be compromised.

XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems.

Sources:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3094

https://access.redhat.com/security/cve/CVE-2024-3094

https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users

https://www.openwall.com/lists/oss-security/2024/03/29/4

CISA recommends developers and users to downgrade XZ Utils to an uncompromised version such as XZ Utils 5.4.6 Stable.

You can use this script to quickly check whether your Linux system contains a vulnerable version of XZ Utils, uninstall it and eventually attempt installing a safe version automatically.

Usage:

wget https://raw.githubusercontent.com/FabioBaroni/CVE-2024-3094-checker/main/CVE-2024-3094-checker.sh
chmod +x CVE-2024-3094-checker.sh
./CVE-2024-3094-checker.sh

Disclaimer:

This shell script is provided as-is and without warranty of any kind, express or implied. By executing this script, you acknowledge that you do so at your own risk. The author(s) of this script shall not be liable for any damages or issues that may arise from its use, including but not limited to data loss, system instability, or any other unintended consequences. It is recommended to review the script and understand its functionality before running it, and to ensure that appropriate backups are in place. Use of this script implies your acceptance of these terms.