hazemkya/CVE-2024-3094-checker

CVE-2024-3094 Detection and Remediation Script

This script is designed to detect and remediate a critical vulnerability, CVE-2024-3094, which affects the XZ Utils data compression library. The vulnerability was highlighted in a CISA Alert and has significant implications for system security. This Bash script offers both detection and remediation functionalities.

Disclaimer

This script is provided "AS IS", without warranty of any kind. It has not been thoroughly tested across all environments and configurations. By running this script, you acknowledge and accept that you do so at your own risk.

Usage

Clone the repository:

git clone https://github.com/hazemkya/CVE-2024-3094-checker.git
cd CVE-2024-3094-checker

Default Detection Mode: By default, the script operates in detection mode to only detect if your system is vulnerable.

./CVE-2024-3094-checker.sh

Remediation Mode: By using the -r flag, the script switches to remediation mode, where it attempts to fix the vulnerability by installing a safe version of xz-utils.

./CVE-2024-3094-checker.sh -r

Refrences

• https://nvd.nist.gov/vuln/detail/CVE-2024-3094
• https://www.cisa.gov/news-events/alerts/2024/03/29/reported-supply-chain-compromise-affecting-xz-utils-data-compression-library-cve-2024-3094
• https://www.openwall.com/lists/oss-security/2024/03/29/4