## https://sploitus.com/exploit?id=030124BE-9A49-5FC5-B84D-77F0F9B25B74
![cve-2024–3094](https://github.com/alokemajumder/alokemajumder/blob/main/cve-2024%E2%80%933094.png)
![GitHub stars](https://img.shields.io/github/stars/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer?style=social)
![GitHub forks](https://img.shields.io/github/forks/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer?style=social)
![GitHub issues](https://img.shields.io/github/issues/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![GitHub pull requests](https://img.shields.io/github/issues-pr/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![GitHub](https://img.shields.io/github/license/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![GitHub release (latest by date)](https://img.shields.io/github/v/release/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![GitHub contributors](https://img.shields.io/github/contributors/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![GitHub last commit](https://img.shields.io/github/last-commit/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![GitHub top language](https://img.shields.io/github/languages/top/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![Dependencies](https://img.shields.io/librariesio/github/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![Code size](https://img.shields.io/github/languages/code-size/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer)
![Open Source Love](https://badges.frapsoft.com/os/v1/open-source.png?v=103)
![](https://img.shields.io/static/v1?label=Product&message=xz&color=blue)
![](https://img.shields.io/static/v1?label=OS&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Embedded%20Malicious%20Code&color=brighgreen)
![](https://img.shields.io/static/v1?label=Ansible&message=Playbook&color=black)
## Show Your Support
If you find this script useful and it has helped you safeguard your systems against CVE-2024-3094, please consider giving it a star :star: . Starring this repository not only shows your support but also helps more people discover and benefit from our collective effort to improve cybersecurity.
To star the repository, simply click the "Star" button at the top of this page. Your support is greatly appreciated!
Thank you for helping make the digital world a safer place!
# What is CVE-2024-3094
CVE-2024-3094 is a critical security vulnerability discovered in the upstream tarballs of the xz utility, starting with version 5.6.0. This vulnerability involves malicious code that, through complex obfuscations, manipulates the build process of liblzma.
# XZ Utils is “present in nearly every Linux distribution" .
During the build, a prebuilt object file is extracted from a disguised test file within the source code. This file then modifies specific functions in the liblzma code, resulting in a compromised liblzma library. Any software linked against this modified library could intercept and alter data interactions, posing significant security risks
# Patching
This is the most critical and the recommended mitigation strategy. Update your XZ Utils package to the patched version released by your Linux distribution provider. These updates address the vulnerability and eliminate the backdoor code.
# CVE-2024-3094 Vulnerability Checker & Fixer .
This project contains a simple shell script designed to help users identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, uncompromised version (5.4.6).
# Ansible Playbook
Manually running shell scripts on a large number of servers is time-consuming and prone to human error. This script is created additionally to leverage Ansible's automation capabilities for a more efficient, reliable, and scalable approach to identifying and mitigating the CVE-2024-3094 vulnerability.
Read more about the Ansible Playbook script [here](https://github.com/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer/blob/main/ansible/)
## Overview v1.2.0 | Now with Ansible Playbook
CVE-2024-3094 is a critical security vulnerability found in specific versions of xz-utils, a widely used compression tool. This script automates the process of checking your system for the vulnerable versions and provides a prompt to download and install a secure version if necessary.
#### Enhanced Security with Improved Detection Mechanism
- Have enhanced security by querying the installed `xz` version using the system's package manager, avoiding the execution of a potentially vulnerable binary.
#### Upgrade First Approach
- The script attempts to upgrade `xz` to the latest available version through the system's package manager before considering downgrading to a safe version. This keeps systems up-to-date with recent `xz` releases, resorting to the specified stable version only when an upgrade isn't possible.
#### Enhanced OS and Package Manager Support
- Added functionality to detect the operating system and determine the appropriate package manager. Now supports `apt-get` for Debian-based distributions (including Kali Linux), `dnf` or `yum` for Red Hat-based distributions (including CentOS, Fedora, and Rocky Linux), and `zypper` for OpenSUSE.
#### Updated Stable Version Download URL
- Updated the URL to source the stable version of `xz` from SourceForge, providing a more direct and reliable source for the download.
#### Installation Process Improvements
- Maintained the compile and install approach but structured the script to integrate better with future enhancements that could leverage native package management for installation where possible.
#### User Interaction for System Reboot
- Added a prompt to reboot the system after successful installation of the stable `xz` version, ensuring that any changes are properly applied system-wide.
#### Script Usability and Messaging
- Enhanced messaging throughout the script provides clear feedback to the user about each step's success or failure, including instructions for manual intervention if needed.
## Prerequisites
Before running this script, ensure your system has the following:
- `wget` or `curl` for downloading the source code of xz-utils.
- Compilation tools (`gcc`, `make`) for building xz-utils from source.
- `sudo` privileges to install the newly compiled version of xz-utils.
## Usage
1. **Download the Script**
First, clone this repository or download the script directly using wget or curl.
2. **Make the Script Executable** Change the permission of the script file to make it executable.
`chmod +x CVE-2024-3094.sh`
3. **Run the Script** Execute the script. It will automatically detect your system's xz-utils version and guide you through the process of fixing the vulnerability.
`./CVE-2024-3094.sh` `
Follow the on-screen prompts to complete the process.
## Manual Fix
If you prefer to manually address the vulnerability or if the script encounters any issues, follow the steps outlined in the script's comments to download, compile, and install a safe version of xz-utils.
## Contributing to the Project
I welcome contributions from everyone who is interested in helping to improve this project! Whether it's fixing bugs, adding new features, improving documentation, or spreading the word, your help is appreciated.
Here are some ways you can contribute:
- **Reporting bugs**: If you find a bug, please report it by opening a new issue on GitHub.
- **Suggesting enhancements**: Have an idea to make this project better? Share it with us by opening a new issue for discussion.
- **Submitting changes**: Want to submit a fix or a feature? Great! Fork the repository, make your changes, and submit a pull request.
### Getting Started
1. **Fork the repository**: Click the 'Fork' button at the top right of this page to create your copy of the repository.
2. **Clone your fork**:
3. **Create your feature branch**:
4. **Make your changes**: Implement the changes or improvements you propose.
5. **Commit your changes**:
6. **Push to the branch**:
7. **Submit a pull request**: Go to your fork on GitHub and click the 'Pull Request' button to send your changes review.
### Guidelines
Please follow these guidelines to make the contribution process smooth and efficient:
- **License**: Contributed code must be licensed under the same terms as the existing project.
Thank you for your interest in contributing to our project! Together, we can make a significant impact.
## License
[MIT License](https://github.com/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer/blob/main/LICENSE)
## Disclaimer
This script is provided "as is", without warranty of any kind. Use it at your own risk. Always backup your data before making system changes.