CVE-2024-3094

CRITICAL

CVSS v3

10

CRITICAL

EPSS Score

85.8%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.

Technical Details

Published
3/29/2024

Frequently Asked Questions

What is CVE-2024-3094?

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.

Is CVE-2024-3094 actively exploited?

Active exploitation of CVE-2024-3094 has not been confirmed. The EPSS score is 85.8%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-3094?

CVE-2024-3094 has a CVSS v3 base score of 10 (CRITICAL severity).

Is CVE-2024-3094 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.