CVE-2024-3094
CRITICALCVSS v3
10
CRITICAL
EPSS Score
85.8%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
Technical Details
- Published
- 3/29/2024
Frequently Asked Questions
What is CVE-2024-3094?
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
Is CVE-2024-3094 actively exploited?
Active exploitation of CVE-2024-3094 has not been confirmed. The EPSS score is 85.8%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-3094?
CVE-2024-3094 has a CVSS v3 base score of 10 (CRITICAL severity).
Is CVE-2024-3094 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.