Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-3094 PoC — Xz: malicious code in distributed source

Source
https://github.com/wgetnz/CVE-2024-3094-check
Associated Vulnerability
Title:Xz: malicious code in distributed source (CVE-2024-3094)
Description:Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
Readme
# CVE-2024-3094 vul check tools

This vulnerability allows an attacker to log into the server and execute arbitrary code without passing SSH authentication. For details, please see: https://www.openwall.com/lists/oss-security/2024/03/29/4

use
```bash
curl -fsSL https://raw.githubusercontent.com/wgetnz/CVE-2024-3094-check/main/CVE-2024-3094-check.sh| bash
```
OR
```bash
curl -fsSL  https://github.freedns.uk/https://raw.githubusercontent.com/wgetnz/CVE-2024-3094-check/main/CVE-2024-3094-check.sh| bash 
```

If your host is offline, please use the following command

For Debian/Ubuntu:
```bash
apt list --installed 2>&1 | grep xz | grep -E '5.6.0|5.6.1' && echo "Check your system now" || echo "Everything is ok"
```

For macOS:
```bash
brew info xz | grep xz | grep -E '5.6.0|5.6.1' && echo 'Check your system now' || echo 'Everything is ok'
```

How to fix:
Just downgrade xz-utils

macOS fix:
brew install xz

If you have any questions, please issue, If this project helps you, please give me a star
File Snapshot

 [4.0K]  /data/pocs/cc87a733248fe5d787506ff10ec7d43dc1c311e0
├── [ 954]  CVE-2024-3094-check.sh
└── [1007]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →