Hello Linux users, 

A critical backdoor was recently found in the widely used xz compression utility, posing a severe threat to Linux distros incorporating libsystemd. The issue has received a maximum CVSS score of 10 and could expose vulnerable SSH services to unauthorized access and compromise.

The potential compromise of SSH has severe implications for admins and security practitioners, as SSH is a fundamental tool used to access and manage systems remotely.

Read on to learn how to mitigate this flaw and secure SSH. You’ll also get updates on other issues impacting your open-source programs and applications that could execute rogue programs on your computer or expose your data.

If you gained valuable information from reading today’s newsletter, please share it with a fellow security geek. Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from enthusiastic, insightful community members who share our passion for Linux and security!

Stay safe out there,

Brittany Signature 150 Esm W150

xz-utils

The Discovery 

A critical backdoor in the widely used xz compression utility has been discovered. The issue is tracked as CVE-2024-3094 and has a maximum CVSS score of 10. This bug affects Linux distributions that incorporate libsystemd. 

Xz Utils Logo Esm W400

The Impact

This severe flaw could expose vulnerable SSH services to unauthorized access and compromise. SSH compromise has severe implications for admins and security practitioners, as SSH is a fundamental tool used to access and manage systems remotely.

The Fix

An important update for xz-utils has been released to fix this issue. Given the severe threat this backdoor poses to affected systems if left unpatched, we strongly encourage all impacted users to update now to secure their SSH services against compromise.

Your Related Advisories:

[distro_list_1]

util-linux

The Discovery 

A critical vulnerability has been found in the wall command of the util-linux package. This vulnerability, known as WallEscape and tracked as CVE-2024-28085, has been present in every package version for over a decade. This bug allows an attacker to exploit escape control characters to create a fake SUDO prompt on other users' terminals. It can be exploited under certain conditions, mainly when the "mesg" utility is active and the wall command has setgid permissions.

Util Linux Esm W204

The Impact

This flaw could trick users into revealing sensitive information, such as admin passwords.

The Fix

Admins are advised to upgrade to linux-utils v2.40 or implement mitigations by removing setgid permissions from the wall command or disabling the message broadcast functionality using the 'mesg' command. Distos have released essential advisory bug fixes addressing this issue. We urge all impacted users to apply these updates immediately to safeguard their sensitive information against compromise.

Your Related Advisories:

[distro_list_2]

Firefox

The Discovery 

Significant memory safety and denial of service vulnerabilities have been found in Firefox. A malicious actor could exploit these flaws to access sensitive data, run rogue programs on your computer, disrupt services, bypass security restrictions, perform cross-site tracing, or escalate system privileges.

Firefox Esm W220

The Impact

These vulnerabilities could result in service disruption or information disclosure.

The Fix

A critical Firefox security patch update has been released to mitigate these flaws. Given the severe threat these bugs pose to affected systems if left unpatched, we urge all impacted users to update promptly to protect their sensitive data and prevent downtime.

Your Related Advisories:

[distro_list_3]