CISA sounds alarm on deep-seated vulnerability in Linux tool


The Cybersecurity and Infrastructure Security Agency issued an alert Friday warning of a previously unnoticed backdoor in a widely used Linux tool that compresses and encrypts files shared between parties.

If allowed to propagate, the backdoor could have rendered the open-source Linux ecosystem ripe for exploitation by hackers. The mechanism targeted is a Secure Shell — or SSH — tool, which compresses and scrambles data sent over a connection. A weakness there could let hackers gain access to entire systems by bypassing the authentication mechanisms used in the SSH encryption process.

A malicious actor planted a vulnerability in XZ Utils, a Linux file compression and transfer capability. The sinister code was rolled into two recently released versions of the tool, but only certain beta versions of Linux offerings are exposed, according to a March 30 analysis from Red Hat, a cybersecurity company that provides a commercial Linux distribution.
