Ansil H’s Post

Lead SRE @Cisco Gen AI / ☸️ Cloud Native / 🎤Speaker CNCG / Ex-Rancher / Ex-SUSE / Ex-Nutanix

1mo

Quick one-liner to check CVE-2024-3094! 𝘳𝘦𝘢𝘥𝘭𝘪𝘯𝘬 $(𝘢𝘸𝘬 '/𝘭𝘪𝘣𝘭𝘻𝘮𝘢.𝘴𝘰.5/{𝘱𝘳𝘪𝘯𝘵 $3}' <(𝘭𝘥𝘥 $(𝘸𝘩𝘪𝘤𝘩 𝘴𝘴𝘩𝘥))) \ | 𝘨𝘳𝘦𝘱 -𝘲𝘌 "𝘭𝘪𝘣𝘭𝘻𝘮𝘢.𝘴𝘰.5.6.0|𝘭𝘪𝘣𝘭𝘻𝘮𝘢.𝘴𝘰.5.6.1" \ && 𝘦𝘤𝘩𝘰 "𝘈𝘧𝘧𝘦𝘤𝘵𝘦𝘥 𝘣𝘺 𝘊𝘝𝘌-2024-3094" || 𝘦𝘤𝘩𝘰 "𝘕𝘰𝘵 𝘢𝘧𝘧𝘦𝘤𝘵𝘦𝘥" #linux #security

5 Comments

Fred R.

Developing business context for kubernetes platforms with open-source tools.

1mo

I just tried this on a varied bunch of different vm nodes I have. If you get an error about ldd missing file arguments, some distros want the ldd to be run under sudo, ie with root's $PATH. If you get a "missing operand" error from readlink, some distros want an argument such as "-f" for the readlink command.

1 Reaction

Ananthu C V

Product Engineer | Debian Maintainer | Free (Libre) Software Evangelist

1mo

I was just doing some lookup in my system and a simple `find / -name liblzma.so.5* 2> /dev/null | wc -l` gave me `246`. The sheer amount of schroots I have to clear up, I swear.....

1 Reaction

See more comments

To view or add a comment, sign in

More Relevant Posts

Ignacio B. Souto Jalón

Blockchain & Full Stack Developments (Web2, Web3, Digital Developments, Smart Contracts, Dapps, Traceability Applications, Fintech, RegTech & PropTech )
1mo
Report this post
"don't run xz --version to check if you're compromised" If you have infected version of liblzma in your system, it's already loaded into EVERY process that depends on libsystemd. systemd's dependency on liblzma *was literally* the attack vector. To avoid compromising the system, if you're going to check if you have the backdoor version of **XZ**, don't run "xz --version". Instead, use: strings 'which xz' | grep "(XZ Utils)" Version lower than 5.6.0 is safe. #Linux #BackDoor
Like Comment
To view or add a comment, sign in
Revolution Pi

14,351 followers
6mo Edited
Report this post
🚨 Updated RevPi kernel and a new version of our current image ⬇ Get them here RevPi kernel version 6.1: ➡ What' changed? https://lnkd.in/eFSF6vbz ➡ GitHub: https://lnkd.in/e3JPShPs ➡ GitLab: https://lnkd.in/eEcY29Wv RevPi Bullseye Image 09/2023 ➡ Release notes: https://lnkd.in/eWxv73_h ➡ Download: https://lnkd.in/eumj2eY7 #revolutionpi #kernel #linux #operatingsystem
Like Comment
To view or add a comment, sign in
ADMIN magazine

575 followers
2mo
Report this post
Based on Debian 12 Bookworm, Tails 6.0 is available now https://lnkd.in/giTdFMh8 #Tails #Linux #Debian #GNOME #security #Bookworm

Tails 6.0 Released » ADMIN Magazine

admin-magazine.com
Like Comment
To view or add a comment, sign in
Help Net Security

6,615 followers
7mo
Report this post
Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older curl versions have been released, too. https://lnkd.in/dmcRHQ2B Daniel Stenberg - HackerOne #curl #libcurl #Linux #containers #vulnerability #securityupdate #patch #opensource #infosecnews #cybersecuritynews
Like Comment
To view or add a comment, sign in
cetric lihalakha

Software Engineer at Eversend
1mo
Report this post
The xz library (part of the data compression tools) got hacked. Check your systems/repos/everything. A small additional dot in CMake file disabled the HAVE_LINUX_LANDLOCK symbol and enabled the backdoor to many projects as it may seem. https://lnkd.in/dj6Szr8H https://lnkd.in/dz2y3u6J #linux #cmake #softwaredevelopment
Like Comment
To view or add a comment, sign in
Upspir

1,409 followers
1mo Edited
Report this post
The Secrets of Grep is Here: Your Go-To Guide for Linux Debugging Ever wondered how to make sense of complex logs in Linux? We've got you covered with our latest guide on using grep commands. From practical examples to tips that'll save you time, we're diving deep into the world of grep. Check it out now at: https://lnkd.in/dvY4Nhy6 #linux #os #opensource #tech #security #cheatsheet #grep
Like Comment
To view or add a comment, sign in
IPTHUB Cyber Security Inc

135 followers
1mo
Report this post
🧑🏻💻🫵 if you are USING KALI LINUX Update it NOW! 💥 And any other linux version that uses the XZ package: CVSS 10 👈 The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the latest updates today. Here is the story: https://lnkd.in/g64vBBjS And more here https://lnkd.in/g6jAKQS5
Like Comment
To view or add a comment, sign in
FOSS Post

22 followers
2w
Report this post
So, this is a little bit embarrassing.😂 We have uncovered an issue with our email settings for our forum that prevented sending the verification message for new users after registration, which in turn, prevented anyone from posting for a long period of time. We have solved this issue now and we welcome all of you to post in our forums. 😄 https://lnkd.in/d2e6TfXF #Linux #OpenSource
Like Comment
To view or add a comment, sign in

3,471 followers

View Profile Follow

Ansil H’s Post

More from this author

Linux - Pacemaker Architecture

We are in the final days of system administration

Linux performance analysis - Part 1

Explore topics