Red Hat warns of a remote backdoor vulnerability in Fedora Linux 40 and Rawhide xz data compression library.
Red Hat has warned that malicious code found in the xz data compression library, present in upcoming Fedora Linux 40 and in Fedora Rawhide, could allow unauthorized remote backdoor access. The vulnerability, CVE-2024-3094, affects xz 5.6.0 and 5.6.1, and has been rated 10 out of 10 in CVSS severity. Users of Fedora Linux 40 and Fedora Rawhide are advised to cease usage until the issue is resolved.
March 29, 2024
6 Articles