PLEASE. I keep seeing it in memes. As I understand it the latest version of the xz package (present in rolling release distros like Arch and SUSE Tumbleweed) has “a backdoor”, but I have no earthly clue what can be done by malicious folks with access to that backdoor or if I should be afraid or how to check if my distro is compromised or how to prevent damage if it is or (…)

  • hydroptic
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    3
    ·
    edit-2
    9 months ago

    I literally just gave you a list of what’s vulnerable: Debian / RPM -based distros on x86_64 Linux that installed new versions of liblzma5 (which are so new that likely only rolling release distros had them), running OpenSSH sshd via systemd.

    As to what it could be used to do and what its purpose is, well, the backdoor’s still being analyzed. Seems to be for remote code execution, ie. the attacker could theoretically execute code on a backdoored machine.