Backdoor in XZ Utils allows RCE: everything you need to know
ID: 7a263ff6-71db-5e98-a69b-35d9d28ba35c
STIX ID: report--7a263ff6-71db-5e98-a69b-35d9d28ba35c
Feed Name: Wiz Blog
A malicious backdoor embedded in XZ Utils releases 5.6.0 and 5.6.1 (tracked as CVE-2024-3094) was found to install a compromised liblzma during certain distribution/package builds; this backdoor can hook crypto-related symbols and achieve remote code execution in sshd when runtime conditions are met. Multiple major Linux distributions, installation media, VM images and containers were reported impacted, and the backdoor uses obfuscation, anti-debugging, and log-hiding techniques; vendors recommend downgrading to pre-5.6.0 packages and hunting for indicators.
