Visit kammaclimate.com for Kamma's climate analytics

Kamma’s Response to CVE-2024-0394 (XZ Utils Backdoor)

News

Last week security researchers publicised a malicious back door in the XZ Utils library, a widely used suite of software that gives developers lossless compression and is commonly used for compressing software releases and Linux kernel images. The backdoor could, under certain circumstances be used to run unauthorised code via the encrypted SSH connection protocol.

The vulnerability has been given the formal title of CVE-2024-0394 and is being reported using the terms XZ backdoor and XZ Utils backdoor.

To date there are no known reports of the compromised version of XZ being part of any production releases for any of the major Linux distributions. However both RedHat and Debian have disclosed that the compromised version was part of recently published beta releases and Arch Linux was also affected. The compromised version also impacted macOS developers using the Homebrew package management system if they’d previously installed XZ as well as Windows developers running the WSL development environment.

At Kamma we have checked all of our platforms and services as well as all of our laptops and servers which run macOS, Linux and Windows and we would like to reassure our customers that Kamma is not impacted or affected by this compromised package.

However if you would like to discuss this in greater detail or require any further information, please contact us at support@kammadata.com.

More information on the technical aspects of this vulnerability can be found here: https://nvd.nist.gov/vuln/detail/CVE-2024-3094.

Share this article

Read more recent articles

Goodlord releases its 7th annual State of the Lettings Industry Report: What’s ahead for the private rental sector?

We’re excited to announce that our partner, Goodlord, has launched its latest State of the Lettings Industry report, providing valuable insights into the current state and future of the private…

Read more

Property Licence Fines: Your HMO Guide 

Operating an HMO or private rented property without a licence is a serious offence that can lead to a variety of penalties and consequences for both landlords and letting agents.…

Read more
Illustration showing a magnifying glass hovering over two rows of houses, which each have an EPC label from A to G.

Property licensing update: May 2024

At Kamma, we know how important it is to have the most up-to-date information at your fingertips. Each month, we provide a full rundown of the latest scheme announcements and…

Read more