Binarly has issued a free online tool that would facilitate scanning a newly discovered backdoor and maximum severity vulnerability in xz tools and libraries used by major Linux distributions, tracked as CVE-2024-3094, across Linux binaries amid significant security risks, according to Security Affairs.
Binarly has touted that its scanner has yielded almost zero false positive rates in detecting the backdoor due to its use of ifunc transition behavioral analysis that involved the identification of control flow graph transition tampering.
"Such detection methods could expose potential control flow tampering during the implantation of malicious ifunc resolvers. This technique works generically and will be able to detect invariants or reuse of the payloads in other software supply chain attacks," said Binarly.
The development comes after warnings from the Cybersecurity and Infrastructure Security Agency and Red Hat to downgrade implemented XZ versions and halt the usage of Fedora Rawhide instances, respectively.
