A blog post discusses the XZ Utils CVE-2024-3094 exploit and how eBPF and Tetragon can be used in the kernel to detect vulnerable versions of XZ Utils during the OpenSSH startup process. The post covers the technical details of the exploit and its significance, and provides an example Tetragon TracingPolicy to detect it.
Table of contents
What is the new XZ Utils CVE?
Why is the XZ Util exploit significant?
How does the exploit work technically?
How does Tetragon detect and mitigate?
Example Tetragon TracingPolicy to apply
What does this TracingPolicy do?
What is the output when detecting CVE 2024-3094 with Tetragon?
Conclusion
Learn More
References