Clarify xz-utils backdoor IFUNC/glibc dependency
This commit is contained in:
parent
ba75ef7104
commit
6957038f77
SSH Key Fingerprint:
SHA256:K/a677+eHm7chi3X4s77BIpLTE9Vge1tsv+jUL5gI+Y
@ -1,7 +1,7 @@
|
|||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
|
|
||||||
<!-- Inferencium - Website - News -->
|
<!-- Inferencium - Website - News -->
|
||||||
<!-- Version: 1.2.0-beta.1 -->
|
<!-- Version: 1.2.0-beta.2 -->
|
||||||
|
|
||||||
<!-- Copyright 2024 Jake Winters -->
|
<!-- Copyright 2024 Jake Winters -->
|
||||||
<!-- SPDX-License-Identifier: BSD-3-Clause -->
|
<!-- SPDX-License-Identifier: BSD-3-Clause -->
|
||||||
@ -73,7 +73,8 @@
|
|||||||
<p>The <em>only</em> criteria met by Inferencium systems is amd64 as the system
|
<p>The <em>only</em> criteria met by Inferencium systems is amd64 as the system
|
||||||
architecture; this is not enough for the backdoor to be effective. Even if all criteria
|
architecture; this is not enough for the backdoor to be effective. Even if all criteria
|
||||||
other than running glibc were met, Inferencium systems would still be unaffected by this
|
other than running glibc were met, Inferencium systems would still be unaffected by this
|
||||||
attack due to musl not supporting the required <code>IFUNC</code> functionality.</p>
|
attack due to musl not supporting the required <code>IFUNC</code> functionality which
|
||||||
|
the backdoor seems heavily dependent on.</p>
|
||||||
<p><strong>Despite the evidence, it is unknown exactly what this malicious code does and is
|
<p><strong>Despite the evidence, it is unknown exactly what this malicious code does and is
|
||||||
capable of in entirety. As a precautionary measure, I have generated a new SSH key and
|
capable of in entirety. As a precautionary measure, I have generated a new SSH key and
|
||||||
classified the previous key as compromised. You can find my new key on the
|
classified the previous key as compromised. You can find my new key on the
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user