A critical vulnerability has been discovered in the latest versions of the ‘xz’ compression tools and libraries, putting Fedora Linux 40 users and Fedora Rawhide users at risk. The affected versions, 5.6.0 and 5.6.1, contain malicious code that could potentially lead to unauthorized access to systems. It is recommended that Fedora Rawhide users stop using the distribution for both work and personal activities until the issue is resolved.
Red Hat is working on reverting Fedora Rawhide to the safer xz-5.4.x version to ensure the security of users. While Fedora Linux 40 builds have not been confirmed to be compromised, users are advised to downgrade to a 5.4 build as a precautionary measure. An update reverting xz to 5.4.x has been released and is being distributed to Fedora Linux 40 users through the normal update system. Users can follow instructions provided by Red Hat to expedite the update process.
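To confirm which xz build a machine is running before and after the update, the version strings can be checked against the two affected releases named above. The script below is an added example, not Red Hat's or the xz project's code; the function names and the sample inputs are constructed for illustration, and it assumes the usual text layout of `xz --version` and `rpm -q xz xz-libs` output.

```shell
#!/bin/sh
# Added example: flag the xz/liblzma versions this article names as
# affected (5.6.0 and 5.6.1) and recognise the 5.4.x series it reverts to.

# classify_version VERSION -> prints "affected", "reverted" or "other".
classify_version() {
    case "$1" in
        5.6.0|5.6.1) echo affected ;;
        5.4.*)       echo reverted ;;
        *)           echo other ;;
    esac
}

# extract_versions: read `xz --version` and/or `rpm -q xz xz-libs` text on
# stdin and print each distinct upstream version, one per line.
extract_versions() {
    sed -n \
        -e 's/^xz (XZ Utils) \([0-9][0-9.]*\).*/\1/p' \
        -e 's/^liblzma \([0-9][0-9.]*\).*/\1/p' \
        -e 's/^xz\(-libs\)\{0,1\}-\([0-9][0-9.]*\)-.*/\2/p' | sort -u
}

# audit: print "<version> <verdict>" per version found on stdin and
# return 1 if any of them is an affected release.
audit() {
    audit_status=0
    for v in $(extract_versions); do
        verdict=$(classify_version "$v")
        echo "$v $verdict"
        if [ "$verdict" = affected ]; then
            audit_status=1
        fi
    done
    return "$audit_status"
}

# Constructed sample inputs (not captured from a real system).
SAMPLE_BAD='xz (XZ Utils) 5.6.1
liblzma 5.6.1'
SAMPLE_RPM='xz-5.4.6-0.example.x86_64
xz-libs-5.4.6-0.example.x86_64'

printf '%s\n' "$SAMPLE_BAD" | audit || echo "affected xz build present"
printf '%s\n' "$SAMPLE_RPM" | audit && echo "no affected xz build found"

# On a live system: { xz --version; rpm -q xz xz-libs; } | audit
```

The library version matters as much as the command-line tool, which is why both the `liblzma` line and the `xz-libs` package are checked.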
This incident highlights the importance of regularly updating software and being vigilant about security vulnerabilities. It is crucial for users to stay informed about potential threats and take necessary precautions to protect their systems from malicious attacks.