CSA Warns Users about Linux Compression Library Backdoor

The Cyber Security Authority (CSA) has directed users of the Linux Compression Library to constantly run updates on their computers, devices, and applications.

It comes after the discovery of a backdoor to the XZ Utils versions 5.6.0 and 5.6.1 for Linux operating systems, which allows a malicious actor to break SSH authentication and gain unauthorized access to the entire system remotely.

“This vulnerability, tracked as CVE-2024-3094 and rated 10 in CVSS severity is a supply chain attack that compromises the integrity of Secure Shell (SSH) and allows attackers to use a predefined encrypted private key to execute commands on the victim’s machine with administrator permissions,” the CSA said in an advisory on Thursday.

As part of proactive measures to deal with this, the Authority is advising administrators and developers to upgrade their XZ Utils installation to the latest stable version.

Alternatively, users may downgrade to an uncompromised version such as XZ Utils 5.4.6, it said.

It added, “Ensure that infrastructure firmware, operating systems, and user applications are up to date in terms of patches, Use Multi-factor authentication wherever possible as part of access control mechanisms and Limit the use of administrator privileges.”