Alert: CISA, Red Hat warn about supply chain compromise affecting Linux

March 30, 2024
1 min read


TLDR:

  • A backdoor has been implanted in the two latest versions of XZ Utils software, affecting Linux distributions.
  • The malicious code in versions 5.6.0 and 5.6.1 of XZ Utils libraries allows for unauthorized access to systems.

Red Hat and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have warned about a supply chain compromise of XZ Utils software impacting Linux distributions. The two latest versions of XZ Utils contain malicious code that can enable unauthorized access to systems. XZ Utils is widely used in Linux distributions, and the vulnerability is being tracked at CVE-2024-3094.

Red Hat has advised users to downgrade XZ Utils to an uncompromised version like XZ Utils 5.4.6 Stable and monitor for any signs of malicious activity. The agency recommends reporting any positive findings to CISA. Supply chain compromises, such as the SolarWinds attack of 2020 and the recent 3CX compromise, have had significant impacts. Red Hat ensures that no versions of Red Hat Enterprise Linux (RHEL) are affected by this particular compromise.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and