Critical SSH Vulnerability in XZ Tools Hits Kubernetes: Patch Now!
April 1, 2024
Red Hat revealed a critical vulnerability, CVE-2024-3094, with a CVSS score of 10, affecting XZ tools and libraries.
The vulnerability was uncovered when an engineer noticed SSH performance issues, leading to the discovery of a supply chain attack.
Attackers were able to inject malicious code into liblzma, enabling remote code execution and SSH authentication bypass.
Kubernetes users are significantly impacted, especially on nodes with public-facing SSH servers using the compromised liblzma.
Mitigation strategies include patching, vulnerability scanning, and adhering to Kubernetes security best practices.
Major Linux distributions are affected, with advisories to either downgrade or update to secure versions of the software.
ARMO's Kubernetes-native security solution is mentioned as a tool to help handle CVE-related issues and maintain compliance.
Summary based on 1 source
Source

Security Boulevard • Mar 31, 2024
Bombshell in SSH servers! What CVE-2024-3094 means for Kubernetes users