XZ Struck By Malicious Code That Could Allow Unauthorized Remote System Access


  • #31
    man this is some impressive work. Kudos for the implementation.



    • #32
      So have they traced back the WHO (JiaT75) part of it? Meaning, who snuck this in? I read the post but didn't see mention of anyone specific. Sneaky bastard trying to compromise SSH usually points to one type of actor.



      • #33
        Originally posted by avis

        Your Linux system includes the following roughly the same attack vectors:
        • Bash (installed by default)
        • Python (installed by default)
        • Perl (often installed by default)
        • GCC/Clang
        • Ruby
        • PHP
        • Lua
        There are many more. And many Linux users happily git clone whatever they find on the internet and run it.

        Microsoft has never distributed malware, period. Stop making shit up.
        Stop comparing apples to oranges then. Windows is a commercial product. Commercial Linux never distributed any malware either.
        You're asking for the same level of scrutiny for free? I'm asking for a million dollars.



        • #34
          As some of you may recall I explicitly talked about this type of vulnerability on open source software not too long ago.

          Basically it's a case of what you see is not what you get, the code shared doesn't contain the exploit, it gets injected at compile time, or even better, manually added.

          All open source software is vulnerable to this type of infiltration.

          Also Fedora 41?

          Fedora 40 isn't even out yet and Fedora 41 is already compromised?

          Seriously, why would anyone use Fedora for anything?



          • #35
            Originally posted by Quackdoc
            man this is some impressive work. Kudos for the implementation.
            And how many other obfuscated nuggets are hiding out there that no one has audited yet?



            • #36
              Originally posted by sophisticles

              Also Fedora 41?

              Fedora 40 isn't even out yet and Fedora 41 is already compromised?

              Seriously, why would anyone use Fedora for anything?
              There is no such thing as Fedora 41. So it cannot be compromised. Fedora 40 never got the update because the automated update checks failed and the update was never pushed out beyond staging. The only impacted place is the development branch.



              • #37
                Originally posted by sophisticles
                As some of you may recall I explicitly talked about this type of vulnerability on open source software not too long ago.

                Basically it's a case of what you see is not what you get, the code shared doesn't contain the exploit, it gets injected at compile time, or even better, manually added.

                All open source software is vulnerable to this type of infiltration.

                Also Fedora 41?

                Fedora 40 isn't even out yet and Fedora 41 is already compromised?

                Seriously, why would anyone use Fedora for anything?
                Do you get paid per troll post or something by some PR / marketing firm? Like....why even bother if the only thing you're going to do is take massive shits over everything, but in reality are just misleading opinions at best and just full on bullshit at worst.



                • #38
                  Originally posted by bug77

                  Stop comparing apples to oranges then. Windows is a commercial product. Commercial Linux never distributed any malware either.
                  You're asking for the same level of scrutiny for free? I'm asking for a million dollars.
                  I'm done arguing with you. You're moving goalposts with your every comment and offering whataboutisms as counterarguments. Goodbye.



                  • #39
                    Originally posted by bug77

                    Stop comparing apples to oranges then. Windows is a commercial product. Commercial Linux never distributed any malware either.
                    You're asking for the same level of scrutiny for free? I'm asking for a million dollars.
                    Unless you and the rest of the community can see Microsoft's code, well, it's not a stretch that some kind of backdoor or other grouping of code that would require some known chained exploit could exist in Windows. As is shown by last week's Pwn2Own, people FAR SMARTER than us reading this--or giving our collective 2 cents---have found Windows holes to exploit (https://www.zerodayinitiative.com/bl...ay-one-results / https://www.zerodayinitiative.com/bl...ay-two-results). Were they left in on purpose or intentionally not fixed? <shrug> Maybe just sloppy coding. I'm not putting my tinfoil hat on and throwing out any conspiracy theories.



                    • #40
                      Originally posted by spicfoo
                      There is no such thing as Fedora 41. So it cannot be compromised. Fedora 40 never got the update because the automated update checks failed and the update was never pushed out beyond staging. The only impacted place is the development branch.
                      From the article Michael published:

                      Red Hat today issued an "urgent security alert" for Fedora 41 and Fedora Rawhide users over XZ. Yes, the XZ tools and libraries for this compression format. Some malicious code was added to XZ 5.6.0/5.6.1 that could allow unauthorized remote system access.

