... or readlink might require a flag like -f and/or the which command might not include root's $PATH so perhaps run under sudo.
This is a little hacky. A better bet for your operations might be Neuvector.
readlink $(awk '/liblzma.so.5/{print $3}' <(ldd $(which sshd))) | grep -qE "liblzma.so.5.6.0|liblzma.so.5.6.1" && echo "Affected by CVE-2024-3094" || echo "Not affected."