Latest Security Scare: Backdoor in ssh

I don’t usually pay that much attention to security vulnerability announcements, but a Mastodon post tagged:

#cve20243094 #security #xz #linux

caught my attention. This is a “remote ssh backdoor” that made its way into many of the major Linux distros. I’m quite skeptical that I would be a target for hacking, but this vulnerability is getting much more press coverage than the usual, so I took a look at it starting with this post on “OpenWall: Bringing Security Into Open Environments

At the end is a bash script to test for the presence of the backdoor, which I ran on my 64-bit PiOS Bookworm Desktop attached to GoPi5Go-Dave. Dave is “probably not vulnerable”.

#! /bin/bash

set -eu

# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')"

# does it even exist?
if [ "$path" == "" ]
	echo probably not vulnerable

# check for function signature
if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c
	echo probably vulnerable
	echo probably not vulnerable

Alternatively: The article lists liblzma 5.6.0 and 5.6.1 as containing the vulnerability. dpkg -l | grep liblzma reports v5.4.1-0.2 is installed on my system.