I found the bad version of xz on my Macbook, but fortunately it looks like it doesn’t actively exploit macOS. 😬
It was installed via Brew due to being a dependency in 4 other packages I actively use. Brew had a patch waiting, which curiously just downgraded xz to an earlier version.
"These conditions include targeting only x86-64 linux" and "due to the working of the injected code... it is likely the backdoor can only work on glibc based systems."
#xz #cve20243094
https://mastodon.social/@AndresFreundTec/112180083704606941
i am root /
npub1af…pf93u
2024-03-29 23:47:31
Author Public Key
npub1afyy2tf9f2fa97mhydp0ux0tyeva9rru2eqdufs3mqlz5hm3mslskpf93uSeen on
wss://relay.nostr.bandPublished at
2024-03-29 23:47:31Event JSON
{
"id": "d95402f2fc11ab874291fe3826810a1b86dc803774ecde0c305c41215e45cddf",
"pubkey": "ea48452d254a93d2fb772342fe19eb2659d28c7c5640de2611d83e2a5f71dc3f",
"created_at": 1711756051,
"kind": 1,
"tags": [
[
"t",
"xz"
],
[
"t",
"cve20243094"
],
[
"proxy",
"https://puddle.town/users/null/statuses/112181644617288116",
"activitypub"
]
],
"content": "I found the bad version of xz on my Macbook, but fortunately it looks like it doesn’t actively exploit macOS. 😬\n\nIt was installed via Brew due to being a dependency in 4 other packages I actively use. Brew had a patch waiting, which curiously just downgraded xz to an earlier version.\n\n\"These conditions include targeting only x86-64 linux\" and \"due to the working of the injected code... it is likely the backdoor can only work on glibc based systems.\"\n\n#xz #cve20243094\n\nhttps://mastodon.social/@AndresFreundTec/112180083704606941",
"sig": "256a39811e47eb43a4600edc6ab189f41e1018a40b010f8553828725ea965b2ec28801e149d0af313bf73f482a11a2af10433c0d14d9b920b0561814ef28e550"
}