URL:
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
Submission: On August 29 via api from LU — Scanned from DE
URGENT SECURITY ALERT FOR FEDORA LINUX 40 AND FEDORA RAWHIDE USERS

March 29, 2024 | 3-minute read
Linux | Open source | Open source communities | Security

No versions of Red Hat Enterprise Linux (RHEL) are affected by this CVE.

Updated March 30, 2024: We have determined that Fedora Linux 40 beta does contain two affected versions of xz libraries - xz-libs-5.6.0-1.fc40.x86_64.rpm and xz-libs-5.6.0-2.fc40.x86_64.rpm. At this time, Fedora Linux 40 does not appear to be affected by the actual malware exploit, but we encourage all Fedora Linux 40 beta users to revert to 5.4.x versions.
Editor's note: This post has been updated to more clearly articulate the affected versions of Fedora Linux and to add additional mitigation methods.

Yesterday, Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the "xz" tools and libraries contain malicious code that appears to be intended to allow unauthorized access. Specifically, this code is present in versions 5.6.0 and 5.6.1 of the libraries. Fedora Linux 40 users may have received version 5.6.0, depending on the timing of system updates. Fedora Rawhide users may have received version 5.6.0 or 5.6.1. This vulnerability was assigned CVE-2024-3094.

PLEASE IMMEDIATELY STOP USAGE OF ANY FEDORA RAWHIDE INSTANCES for work or personal activity. Fedora Rawhide will be reverted to xz-5.4.x shortly, and once that is done, Fedora Rawhide instances can safely be redeployed. Note that Fedora Rawhide is the development distribution of Fedora Linux and serves as the basis for future Fedora Linux builds (in this case, the yet-to-be-released Fedora Linux 41).

At this time the Fedora Linux 40 builds have not been shown to be compromised. We believe the malicious code injection did not take effect in these builds. However, Fedora Linux 40 users should still downgrade to a 5.4 build to be safe. An update that reverts xz to 5.4.x has recently been published and is becoming available to Fedora Linux 40 users through the normal update system. Concerned users can force the update by following the instructions at https://bodhi.fedoraproject.org/updates/FEDORA-2024-d02c7bb266.

WHAT IS XZ?
xz is a general purpose data compression format present in nearly every Linux distribution, both community projects and commercial product distributions. Essentially, it compresses (and then decompresses) large files into smaller, more manageable sizes for sharing via file transfers.

WHAT IS THE MALICIOUS CODE?

The malicious injection present in the xz 5.6.0 and 5.6.1 libraries is obfuscated and only included in full in the download package - the Git distribution lacks the M4 macro that triggers the build of the malicious code. The second-stage artifacts are present in the Git repository and are injected at build time when the malicious M4 macro is present. The resulting malicious build interferes with authentication in sshd via systemd. SSH is a commonly used protocol for connecting remotely to systems, and sshd is the service that allows that access. Under the right circumstances this interference could potentially enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely.

WHAT DISTRIBUTIONS ARE AFFECTED BY THIS MALICIOUS CODE?

Current investigation indicates that the packages are only present in Fedora Linux 40 and Fedora Rawhide within the Red Hat community ecosystem. We have reports and evidence of the injections successfully building in xz 5.6.x versions built for Debian unstable (Sid). Other distributions may also be affected. Users of other distributions should consult their distributors for guidance.

WHAT SHOULD I DO IF I AM RUNNING AN AFFECTED DISTRIBUTION?

For both personal and business activities, immediately stop using Fedora Linux 40 or Fedora Rawhide until you can downgrade your xz version. If you are using an affected distribution in a business setting, we encourage you to contact your information security team for next steps. Additionally, for those running openSUSE distributions, SUSE has published a downgrade procedure at https://build.opensuse.org/request/show/1163302.
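As an added example, not part of the Red Hat post, the following POSIX shell script classifies installed xz package versions against the affected range named above (5.6.0 and 5.6.1) and reports whether the 5.4.x downgrade is still outstanding. The function names and the embedded sample rpm output are constructed for this example; the live query uses the standard rpm query format string.

```shell
#!/bin/sh
# Added example (not from the Red Hat advisory): decide whether the xz
# packages on a Fedora host fall into the CVE-2024-3094 affected range
# and whether the 5.4.x revert has already been applied.

# Print "affected", "downgraded" or "other" for a bare xz version string.
xz_version_status() {
    case "$1" in
        5.6.0|5.6.1) echo affected ;;     # versions named in CVE-2024-3094
        5.4.*)       echo downgraded ;;   # the range Fedora reverted to
        *)           echo other ;;
    esac
}

# Evaluate every installed xz package. Input is one "name version" pair per
# line (read from stdin so a constructed sample can be fed in), which also
# covers multilib hosts with both i686 and x86_64 copies of xz-libs.
# Returns 1 if any affected version is found, 0 otherwise.
check_xz_packages() {
    rc=0
    while read -r name version; do
        [ -n "$name" ] || continue
        status=$(xz_version_status "$version")
        printf '%s %s: %s\n' "$name" "$version" "$status"
        [ "$status" = affected ] && rc=1
    done
    return $rc
}

# Constructed sample in the shape of
#   rpm -q --qf '%{NAME} %{VERSION}\n' xz-libs xz
# on a Fedora Linux 40 beta host that received the bad update.
SAMPLE_RPM_OUTPUT='xz-libs 5.6.0
xz-libs 5.6.0
xz 5.6.0'

# Pass --live to query the real rpm database instead of the sample.
if [ "${1:-}" = --live ] && command -v rpm >/dev/null 2>&1; then
    input_cmd="rpm -q --qf '%{NAME} %{VERSION}\n' xz-libs xz"
else
    input_cmd="printf '%s\n' \"\$SAMPLE_RPM_OUTPUT\""
fi

if eval "$input_cmd" | check_xz_packages; then
    echo "no affected xz versions installed"
else
    echo "ACTION: revert xz to 5.4.x (see FEDORA-2024-d02c7bb266)"
fi
```

Run it with `--live` on a Fedora host to check the real package database; without the flag it evaluates the constructed sample and reports the downgrade as required.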