I don’t usually pay that much attention to security vulnerability announcements, but a Mastodon post tagged:
#cve20243094 #security #xz #linux
caught my attention. This is a “remote ssh backdoor” that made its way into many of the major Linux distros. I’m quite skeptical that I would be a target for hacking, but this vulnerability is getting much more press coverage than the usual, so I took a look at it starting with this post on “OpenWall: Bringing Security Into Open Environments”.
At the end is a bash script to test for the presence of the backdoor, which I ran on my 64-bit PiOS Bookworm Desktop attached to GoPi5Go-Dave. Dave is “probably not vulnerable”.
```bash
#! /bin/bash
set -eu

# find path to liblzma used by sshd
# (|| true: grep exits non-zero when sshd does not link liblzma, and
#  set -e would otherwise end the script here without printing a result)
path="$(ldd "$(which sshd)" | grep liblzma | grep -o '/[^ ]*' || true)"

# does it even exist?
if [ "$path" == "" ]
then
    echo probably not vulnerable
    exit
fi

# check for function signature
if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410
then
    echo probably vulnerable
else
    echo probably not vulnerable
fi
```
Alternatively: The article lists liblzma 5.6.0 and 5.6.1 as containing the vulnerability. `dpkg -l | grep liblzma` reports v5.4.1-0.2 is installed on my system.
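The version check above, written out as an added example (not part of the original post or the Openwall script): it reduces a Debian-style package version to its upstream version before comparing against the two releases the article lists, so epochs, revisions and Debian's `+really` rollback convention do not cause a false match. The function names and the `affected` / `not-listed` / `unknown` labels are assumptions of this sketch, and apart from `5.4.1-0.2` the version strings in the comments are constructed samples.

```bash
#!/bin/bash
# Added example: classify a liblzma package version against the releases
# the article lists as containing the backdoor (5.6.0 and 5.6.1).

# Print the upstream version hidden inside a Debian-style version string.
# The ( ) body runs in a subshell, so $v does not leak to the caller.
upstream_version() (
    v="$1"
    v="${v#*:}"        # drop epoch:         "1:5.6.1-1"  -> "5.6.1-1"
    v="${v%-*}"        # drop revision:      "5.4.1-0.2"  -> "5.4.1"
    case "$v" in
        # "+really" marks a rollback: the code that actually ships is
        # the version named after it, e.g. "5.6.1+really5.4.5" -> "5.4.5"
        *+really*) v="${v##*+really}" ;;
    esac
    v="${v%%+*}"       # drop repack suffix: "5.6.1+dfsg" -> "5.6.1"
    printf '%s\n' "$v"
)

# Print "affected", "not-listed" or "unknown" for one version string.
classify_liblzma() {
    case "$(upstream_version "$1")" in
        5.6.0|5.6.1) echo "affected" ;;
        "")          echo "unknown" ;;
        *)           echo "not-listed" ;;
    esac
}

# Report every installed liblzma package on a dpkg-based system.
report_installed() {
    command -v dpkg-query >/dev/null 2>&1 || return 0
    dpkg-query -W -f='${Package} ${Version}\n' 'liblzma*' 2>/dev/null |
    while read -r pkg ver; do
        [ -n "$ver" ] || continue   # package known to dpkg but not installed
        printf '%s %s: %s\n' "$pkg" "$ver" "$(classify_liblzma "$ver")"
    done
}

report_installed
```

A plain `grep 5.6.1` over the `dpkg -l` output would flag a rolled-back `5.6.1+really…` package even though it carries older code, which is the case the `+really` branch handles.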