Backdoor in upstream xz/liblzma in various LINUX/SOLARIS distributions – CVE-2024-3094


In the upstream of the pack program “xz”, concerning the library “liblzma” in versions 5.6.x, a high-risk vulnerability has been actively introduced, which is used in various LINUX/SOLARIS distributions. This allows the authentication function of OpenSSH to be specifically forwarded to malicious code and enables direct access to the system.

Our checks have shown that no VIVAVIS AG product is affected by this vulnerability.

Peter Schwark


Our RSS feed always keeps you up to date! This way, you’ll receive same-day notification when a new article has been posted to the IT Security Bulletin. Just enter the following link in your feed reader:

You can find out how to integrate the RSS feed into Outlook here.

Call now
Call now +49 7243 218 0
Send Mail
Send Mail
Locations & Contact
Locations & Contact Explore now