CVE-2024-3094
Published Mar 29, 2024
Last updated 7 months ago
- Description
- Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
- Source
- secalert@redhat.com
- NVD status
- Modified
- Products
- xz
CVSS 3.1
- Type
- Primary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- secalert@redhat.com
- CWE-506
- Hype score
- Not currently trending
Jia Tan, a ghost almost backdoored the entire internet. CVE-2024-3094. Severity 10. Then vanished forever. Now he's a coin. And he brought a game. https://t.co/bDIVd06kjQ
@abanonded
15 Mar 2026
3 Impressions
0 Retweets
1 Like
0 Bookmarks
2 Replies
0 Quotes
An investigation into the XZ Utils backdoor (CVE-2024-3094), detailing Jia Tan's multi-year social engineering campaign and the technical infiltration of Linux. #CyberSecurity #Linux #XZBackdoor #OpenSource #TechThriller https://t.co/H1TBvADPou
@galvin_8386
12 Mar 2026
5 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-3094 2 - CVE-2025-43300 3 - CVE-2026-2796 4 - CVE-2026-1602 5 - CVE-2025-11411 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
11 Mar 2026
224 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
The XZ Utils backdoor (officially tracked as CVE-2024-3094) refers to one of the most serious supply-chain attacks discovered in open-source software in recent years Andres Freund noticed strange performance issues and delays in sshd login attempts while t https://t.co/jUQxSl5WeX
@Patrick12131682
10 Mar 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A Microsoft engineer noticed ssh was 500ms slower than usual. That lag just saved the entire Linux ecosystem from a state-sponsored backdoor. Here's how CVE-2024-3094 nearly pwned every SSH server on earth. 🧵 https://t.co/2krl4iRZN9
@emredogancloud
9 Mar 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
الخبر مر بهدوء: مهندس مايكروسوفت لاحظ تأخير 500ms في SSH، فاكتشف backdoor في XZ Utils. ثغرة CVE-2024-3094 من هجوم supply chain مدروس سنتين، كان ممكن يسيطر على سيرفرات العالم. ت
@Ibn_al_Mundhir
4 Mar 2026
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Day 31: Today I dove into CVE-2024-3094, the infamous XZ Utils backdoor. 🛡️💻 This wasn't just a bug; it was a multi-year "long con" supply chain attack that nearly broke the internet. Here’s what I learned: 🧵 #infosec #XZUtils
@dheeraditya1
28 Feb 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Do you know story behind CVE-2024-3094? In 2024, a backdoor hidden inside the XZ compression library nearly turned Linux’s most reliable component: OpenSSH into a universal master key for millions of servers. https://t.co/7fUKhu6ziF #CyberSecurity #Linux #OpenSource #SupplyCha
@cloudarcio
27 Feb 2026
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Just watched the @veritasium Youtube video on the XZ Utils backdoor (CVE-2024-3094). In 2024, while everyone was hyped about AI, a years-long "long con" almost crippled the global Linux ecosystem. It’s terrifying how close we came to a total security meltdown. 👇
@SaikatMondal021
26 Feb 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
I remember checking VMs & build boxes for this backdoor. (screenshot from @veritasium vid). XZ Utils Backdoor (CVE-2024-3094) is a critical supply-chain vulnerability discovered in the widely used Linux compression library xz (specifically versions 5.6.0 and 5.6.1). This ht
@oblivion314159
26 Feb 2026
184 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 CVE-2024-3094 : XZ UTILS SUPPLY CHAIN BACKDOOR AUTHENTICATION BYPASS ALERT 🚨 XZ Utils A critical unauthenticated backdoor has been discovered in XZ Utils liblzma library, allowing attackers to bypass OpenSSH authentication and gain root-level access via a malicious suppl
@OstorlabSec
9 Feb 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔓 CVE-2024-3094: a backdoor no XZ Utils quase comprometeu toda a infraestrutura SSH do Linux. Um mantenedor plantou código malicioso por ANOS até ser descoberto por acidente. Supply chain attacks são o novo normal. Você audita suas dependências? #infosec #cybersecurity
@colapsodigital
7 Feb 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Automated multi-VM cyber-range using Ludus deploys GOAD and XZbot labs with Elastic Agent for detection validation against live CVE-2024-3094 backdoor attacks. AI-driven hunting via Elastic SIEM/XDR enhances forensics. #GOADLabs #AIHunting https://t.co/IeYDJ05Tpl
@TweetThreatNews
7 Feb 2026
179 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-21509 2 - CVE-2026-20805 3 - CVE-2024-3094 4 - CVE-2024-1234 5 - CVE-2010-5139 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
3 Feb 2026
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #xz (CVE-2024-3094) is a perfect example of a #supplychainattack. We have a short explainer on the blog on how our Anchore Enterprise customers and OSS #Syft users can immediately report on it. https://t.co/mkCUEv3kZx https://t.co/vs5tNBAlfO
@anchore
12 Jan 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
7 Jan 2026
211 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
21 Dec 2025
134 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
4 Dec 2025
233 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
17 Nov 2025
56 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📢 𝐍𝐞𝐰 𝐂𝐕𝐄 𝐚𝐧𝐚𝐥𝐲𝐬𝐢𝐬 𝐣𝐮𝐬𝐭 𝐝𝐫𝐨𝐩𝐩𝐞𝐝! CVE-2024-3094 exposes a critical backdoor in Linux tools. Uncover how threat intelligence and supply-chain monitoring fight this hidden threat. 🌐 Explore the write-u
@PurpleOps_io
2 Nov 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
31 Oct 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 𝐇𝐨𝐭 𝐨𝐟𝐟 𝐭𝐡𝐞 𝐩𝐫𝐞𝐬𝐬: 𝐂𝐕𝐄 𝐢𝐧𝐬𝐢𝐠𝐡𝐭𝐬! Discover how CVE-2024-3094 silently compromised SSH across major Linux systems and learn how to defend with real threat intel and supply chain monitoring. 📖 Check
@PurpleOps_io
19 Oct 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
14 Oct 2025
108 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 𝐅𝐫𝐞𝐬𝐡 𝐂𝐕𝐄 𝐚𝐥𝐞𝐫𝐭 𝐣𝐮𝐬𝐭 𝐢𝐧! Learn how CVE-2024-3094 silently compromised XZ Utils in a high-stakes supply-chain backdoor threat-and what your team must do now. 🔗 Read the full breakdown → https://t.co/7GfWiDlpVk Jo
@PurpleOps_io
5 Oct 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
27 Sept 2025
120 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
9 Sept 2025
140 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
23 Aug 2025
156 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
35+ Docker Hub images still have XZ-Utils backdoor (CVE-2024-3094), letting attackers bypass SSH auth & run commands as root. Debian keeps backdoored images for archival reasons. Check containers for XZ-Utils 5.6.2+ to avoid this risk in CI/CD pipelines. #Cyber
@bigmacd16684
20 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2024年3月に発覚したXZ-Utilsのバッグドア(CVE-2024-3094)が、少なくとも35個のDocker Hub上のイメージに残存している。Binarly社報告。提供元のうちの1つはDebianだが、Debianはリスクは低いとしてイメージは非公開にはし
@__kokumoto
12 Aug 2025
1116 Impressions
3 Retweets
8 Likes
2 Bookmarks
0 Replies
1 Quote
【サプライチェーン攻撃の残存】2024年3月に発見されたXZ-Utilsバックドア(CVE-2024-3094)が、Docker
@nakajimeeee
12 Aug 2025
347 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
The XZ-Utils backdoor (CVE-2024-3094) still exists in many Linux images on Docker Hub, including Debian’s, enabling root access via SSH bypass. Upgrade to version 5.6 to mitigate risk. #DockerSecurity #LinuxImages #Debian https://t.co/4hS7y4nTLO
@TweetThreatNews
12 Aug 2025
106 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ What is the #xz utilz impact? @Josh Bressers, our VP of Security, deep dives on CVE-2024-3094 and what to do today: https://t.co/mkCUEv3kZx #opensource https://t.co/0US6CoGGTD
@anchore
9 Aug 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
6 Aug 2025
103 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
20 Jul 2025
177 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
3 Jul 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
16 Jun 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
30 May 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
13 May 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
26 Apr 2025
71 Impressions
1 Retweet
2 Likes
0 Bookmarks
1 Reply
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
9 Apr 2025
46 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ What is the #xz utilz impact? @Josh Bressers, our VP of Security, deep dives on CVE-2024-3094 and what to do today: https://t.co/mkCUEv3kZx #opensource https://t.co/vFqMqD7Lku
@anchore
29 Mar 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to http
@jrfetzer
23 Mar 2025
98 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to… htt
@jrfetzer
6 Mar 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to… htt
@jrfetzer
17 Feb 2025
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to… htt
@jrfetzer
1 Feb 2025
84 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The #xz (CVE-2024-3094) is a perfect example of a #supplychainattack. We have a short explainer on the blog on how our Anchore Enterprise customers and OSS #Syft users can immediately report on it. https://t.co/mkCUEv3kZx https://t.co/QLApGPAq82
@anchore
27 Jan 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Link] XZ Utils backdoor (CVE-2024-3094) 解説 #Linux - Qiita>https://t.co/lT0sY4mhLf
@tech_wiki
20 Jan 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
XZ Utils backdoor (CVE-2024-3094) 解説 https://t.co/QuypsIy8am #Qiita
@kk0128_
19 Jan 2025
426 Impressions
0 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to… htt
@jrfetzer
16 Jan 2025
126 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See how SentinelOne Singularity XDR tackles the xz backdoor (CVE-2024-3094), discovered March 29, 2024, affecting Linux's xz libraries. Key Points: Targets Debian, Fedora via SSH daemon/liblzma Exploits OSS supply chain vulnerabilities Shows even open-source isn't immune to… htt
@jrfetzer
5 Jan 2025
73 Impressions
1 Retweet
1 Like
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tukaani:xz:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73F1DAD7-F362-4C5B-B980-2E5313C369DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tukaani:xz:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55782A0B-B9C5-4536-A885-84CAB7029C09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]