Alerts – Page 23 – Tanzania Computer Emergency Response Team

Critical remote code execution vulnerability in XZ Library (CVE-2024-3094)

3rd April 2024

Advisory No: TZCERT/SA/2024/04/02

Date of First Release: 2^nd April 2024

Source: Arch Linux, Red Hat

Software Affected: XZ Library versions 5.6.0 and 5.6.1

Overview:

Arch Linux and Red Hat have released security patches to address a critical vulnerability affecting the xz library. The vulnerability could allow an attacker to execute arbitrary code.

Description:

Xz is a general-purpose data compression format present in nearly every Linux distribution. This library is affected by a critical vulnerability tracked as CVE-2024-3094. The vulnerability is the result of the absence of M4 macro files that contain the instructions for building with automakes in the tarballs. This issue results in additional software modification thus leading to arbitrary code execution.

Impact:

Successful exploitation of this vulnerability may allow the attacker to take control of the affected system.

Solution:

Multiple Operating System vendors have released patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

TZCERT-SU-24-0351 (SUSE Security Update)

29th March 2024

SUSE has released security updates to address vulnerabilities in Linux kernel and PackageKit. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review SUSE Security Advisories suse-su-20241040-1 and suse-su-20241046-1 and apply necessary updates.

TZCERT-SU-24-0350 (Dell Security Update)

29th March 2024

Dell has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Dell Security Advisories dsa-2024-023, dsa-2024-135, dsa-2024-151 and dsa-2024-134 and apply necessary updates.

TZCERT-SU-24-0349 (Ubuntu Security Update)

29th March 2024

Ubuntu has released security updates to address vulnerabilities in curl and Linux kernel. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Ubuntu Security Advisories USN-6718-1 and USN-6686-5 and apply necessary updates.

TZCERT-SU-24-0348 (Rapid7 Security Update)

29th March 2024

Rapid7 has released security update to address a vulnerability in InsightVM. Exploitation of this vulnerability may allow an attacker to gain access to sensitive information.

Users and administrators are encouraged to review Rapid7 Security Advisory and apply necessary updates.