4 matches found
SUSE CVE-2024-3094
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in...
ALPINE-CVE-2024-3094
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in...
UBUNTU-CVE-2024-3094
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in...
CVE-2024-3094
CVE-2024-3094 - Normal mode Affected: XZ Utils (xz-utils) upstream tarballs starting with 5.6.0; vulnerable in 5.6.0 and 5.6.1, per multiple advisories. Root cause: malicious code injected into build artifacts during the tarball preparation, with a prebuilt object file inserted into the liblzma b...