This vulnerability allows an attacker to log into the server and execute arbitrary code without passing SSH authentication. For details, please see: https://www.openwall.com/lists/oss-security/2024/03/29/4
use
curl -fsSL https://raw.githubusercontent.com/wgetnz/CVE-2024-3094-check/main/CVE-2024-3094-check.sh| bashOR
curl -fsSL https://github.freedns.uk/https://raw.githubusercontent.com/wgetnz/CVE-2024-3094-check/main/CVE-2024-3094-check.sh| bash If your host is offline, please use the following command
For Debian/Ubuntu:
apt list --installed 2>&1 | grep xz | grep -E '5.6.0|5.6.1' && echo "Check your system now" || echo "Everything is ok"For macOS:
brew info xz | grep xz | grep -E '5.6.0|5.6.1' && echo 'Check your system now' || echo 'Everything is ok'How to fix: Just downgrade xz-utils
macOS fix: brew install xz
If you have any questions, please issue, If this project helps you, please give me a star