flowchart TD
A[Should I update my system because of the liblzma thing?] --> B((Do you use a rolling release distro?<br>Think Arch Linux, Manjaro, nixos/nixpkgs-unstable, ....<br>Notably, this does not include stable-release distros like Ubuntu, unless you manually installed a newer version of the affected software.))
B --> C[Yes] --> D(Have you updated within the last two to three weeks?)
D --> O[Yes]
D --> P[No] --> K
O --> E[Run the script attached below. Did it come back positive?] --> F(Yes)
F --> G[Update now.]
E --> H[No]
H --> I[Consider updating either way.]
B --> J[No] --> K[You don't need to update because of this.]
J --> W[I don't trust you.] --> E
Last active
March 30, 2024 04:11
-
-
Save tomodachi94/ec11f51b853b4800ed54a9510d753888 to your computer and use it in GitHub Desktop.
A hopefully-helpful diagram to help you determine a course of action about the liblzma thing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -eu | |
| # find path to liblzma used by sshd | |
| path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')" | |
| # does it even exist? | |
| if [ -z "$path" ] | |
| then | |
| echo probably not vulnerable | |
| exit | |
| fi | |
| # check for function signature | |
| if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 | |
| then | |
| echo probably vulnerable | |
| else | |
| echo probably not vulnerable | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment