Shell scripts to identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version. Added Ansible Playbook

XZ Backdoor Extract(Test on Ubuntu 23.10)

xz-vulnerability-poc (cross platform) This repository contains a Proof of Concept (POC) script for the xz vulnerability

An xz-backdoor container image based on xzbot project for learning purpose

A signed and notarized universal macOS installer package for XZ Utils.

Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

A simple C program with stubs, allowing one to dynamically debug the backdoor included in liblzma

A safe Go interface to liblzma, the "xz" compression library.

CVE-2024-3094

xz, a lossless data compression file format based on the LZMA algorithm

Checker for CVE-2024-3094 where malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code.

XZ Utils (wrapper)