xz vulnerability discovered by an SE doing routine benchmarking on #debian unstable. Benchmark-ers and fuzz-ers are heros.
... Freund said he discovered the backdoor by chance while benchmarking a Linux-based Debian installation. During the tests, he realized that XZ Utils was triggering high CPU consumption with SSH processes...
https://www.pcmag.com/news/software-engineer-stops-attempt-to-add-backdoor-to-linux-operating-systems
Kyle Taylor /
npub1mj…yuq8j
2024-04-02 00:14:43
Author Public Key
npub1mjq8tusfxfxatffmz8lfrm5gvdkzutjetl88spr576jy2jc2hjyq3yuq8jPublished at
2024-04-02 00:14:43Event JSON
{
"id": "142195f4a1eb1e0964e15d9181bb7dcc922b6b66902042746498753150c0b4c5",
"pubkey": "dc8075f209324dd5a53b11fe91ee88636c2e2e595fce780474f6a4454b0abc88",
"created_at": 1712016883,
"kind": 1,
"tags": [
[
"t",
"debian"
],
[
"proxy",
"https://hostux.social/users/kta/statuses/112198738466072186",
"activitypub"
]
],
"content": "xz vulnerability discovered by an SE doing routine benchmarking on #debian unstable. Benchmark-ers and fuzz-ers are heros.\n\n... Freund said he discovered the backdoor by chance while benchmarking a Linux-based Debian installation. During the tests, he realized that XZ Utils was triggering high CPU consumption with SSH processes...\n\nhttps://www.pcmag.com/news/software-engineer-stops-attempt-to-add-backdoor-to-linux-operating-systems",
"sig": "e24728b85a2b2dc4e5a53af2750443b859ddaf74503c49cd66faa9228fdac8f4d1672c18eadb9c8827e5f9cd79a3321fcc286725f9e4d9c09f4efcc0eca25751"
}