[mdlug] info about the xz backdoor
LAP
mail1 at lapiet.info
Sun Mar 31 08:56:35 EDT 2024
On Sun, 31 Mar 2024 07:33:43 -0400
"Carl T. Miller" <carl at carltm.com> wrote:
> This is a good video that explains how the backdoor
> works and how it got there in the first place.
>
> https://www.youtube.com/watch?v=OHAyf0qwdCs
>
The vid contains a useful command to check ones system:
ldd "$(command -v sshd)"
On Gentoo, I get:
linux-vdso.so.1 (0x00007ffff7fcb000)
libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
Thus, regardless of what version of xv-utils is installed my
system cannot be affected.
More information about the mdlug
mailing list