This script is designed to detect and remediate a critical vulnerability, CVE-2024-3094, which affects the XZ Utils data compression library. The vulnerability was highlighted in a CISA Alert and has significant implications for system security. This Bash script offers both detection and remediation functionalities.
This script is provided "AS IS", without warranty of any kind. It has not been thoroughly tested across all environments and configurations. By running this script, you acknowledge and accept that you do so at your own risk.
Clone the repository:
git clone https://github.com/hazemkya/CVE-2024-3094-checker.git
cd CVE-2024-3094-checker
Default Detection Mode: By default, the script operates in detection mode to only detect if your system is vulnerable.
./CVE-2024-3094-checker.sh
Remediation Mode: By using the -r flag, the script switches to remediation mode, where it attempts to fix the vulnerability by installing a safe version of xz-utils.
./CVE-2024-3094-checker.sh -r