CVE-2024-3094: xz-utils backdoor

The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)) also affects one of the Linux distributions most used by penetration testers: Kali Linux.

❗Make sure, that you are updating your Kali installations as fast as possible, especially when you updated them before in the time frame between 26.03.2024 and 29.03.2024.

💡For more information regarding Kali Linux see: All about the xz-utils backdoor | Kali Linux Blog

This vulnerability also affects a number of other Linux distributions. Here are two links providing more information:

• xz-utils backdoor situation (github.com)
• Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) – Help Net Security