Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
02 April 2024
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed.
The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres Freund