472

Arch with XZ(lemmy.world)

posted
by
Avatar
qwioeue@lemmy.world
in
Avatar
linuxmemes@lemmy.world
92 comments
hidereport
Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
qwioeue@lemmy.worldOP
21 points
*

liblzma is the problem. sshd is just the first thing they found that it is attacking. liblzma is used by firefox and many other critical packages.

permalink
report
parent
reply
Avatar
Rustmilian@lemmy.world
31 points

Arch does not directly link openssh to liblzma, and thus this attack vector is not possible. You can confirm this by issuing the following command:

ldd "$(command -v sshd)"
permalink
report
parent
reply
Avatar
qwioeue@lemmy.worldOP
7 points
*

Yes, this sshd attack vector isn’t possible. However, they haven’t decomposed the exploit and we don’t know the extent of the attack. The reporter of the issue just scratched the surface. If you are using Arch, you should run pacman right now to downgrade.

permalink
report
parent
reply
Avatar
Fubarberry@sopuli.xyz
36 points

They actually have an upgrade fix for it, at least for the known parts of it. Doing a standard system upgrade will replace the xz package with one with the known backdoor removed.

permalink
report
parent
reply
Avatar
HopFlop@discuss.tchncs.de
15 points

If you are using Arch, you should run pacman right now to downgrade.

No, just update. It’s already fixed. Thats the point of rolling release.

permalink
report
parent
reply
Avatar
Trail@lemmy.world
4 points

Bold of you to assume I hare upgraded in the first place.

permalink
report
parent
reply
Avatar
lemmyvore@feddit.nl
3 points

I switched it with 5.4, just in case.

permalink
report
parent
reply
Avatar
bitwolf@lemmy.one
0 points

Do not use ldd on untrusted binaries.

I executed the backdoor the other day when assessing the damage.

objdump is the better tool to use in this case.

permalink
report
parent
reply

linuxmemes

!linuxmemes@lemmy.world

Create post

Hint: :q!

Sister communities:

Community rules (click to expand)

1. Follow the site-wide rules
2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of “peasantry” to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
4. No recent reposts
  • Everybody uses Arch btw, can’t quit Vim, and wants to interject for a moment. You can stop now.

Please report posts and comments that break these rules!

Community stats

  • 6.7K

    Monthly active users

  • 1.3K

    Posts

  • 69K

    Comments

Community moderators