A major backdoor vulnerability affecting Linux has been detected, leaving many users exposed to malicious code and cyberattacks.
Discovered by Microsoft developer Andres Freund on Friday, the backdoor had reportedly existed for quite some time in some versions of Linux and was detected only after sshd processes "were using a surprising amount of CPU."
Freund remarked that the vulnerability "really required a lot of coincidences" to be detected.
Software firm Red Hat later reported that the malicious code is found in the latest versions of the "xz" tools and libraries, specifically versions 5.6.0 and 5.6.1.
"xz" is a "general purpose data compression format" commonly used in both community and commercial Linux products, according to Red Hat. It is used to make large files easier to transfer.
Red Hat warned users of Fedora Linux 40 and Fedora Rawhide to downgrade immediately until the issue is fixed.
Freund has already notified the Openwall Project, a Linux security project, about the backdoor.
How to Fix Linux Backdoor Vulnerability?
As of writing, there is no definitive fix for the backdoor.
However, affected users are advised to upgrade their Linux devices as soon as an update has been officially rolled out.
For the time being, either downgrade the vulnerable Linux device or add a trusted third-party firewall to protect sensitive files.
According to Red Hat, the vulnerability allows bad actors to bypass the protections Linux currently uses to alert users when malicious code has been delivered.
Better security systems can be installed from Git libraries.
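To check a machine for the two versions Red Hat named, the output of `xz --version` can be parsed as in the script below. It is an added example, not code from Red Hat or the xz project; the function names and sample strings are constructed for illustration, and it assumes the upstream `xz (XZ Utils) <version>` and `liblzma <version>` output lines.

```shell
#!/bin/sh
# Added example: flag the xz/liblzma releases the article names as backdoored.
AFFECTED_VERSIONS="5.6.0 5.6.1"

# Constructed samples of `xz --version` output (not captured from a real host).
SAMPLE_BAD="xz (XZ Utils) 5.6.1
liblzma 5.6.1"
SAMPLE_OK="xz (XZ Utils) 5.4.5
liblzma 5.4.5"

# Reads `xz --version` text on stdin and prints "<component> <version>" for
# every affected component. Returns 0 if any was found, 1 otherwise.
find_affected() {
    found=1
    while read -r line; do
        case "$line" in
            "xz (XZ Utils) "*) name=xz;      ver=${line#"xz (XZ Utils) "} ;;
            "liblzma "*)       name=liblzma; ver=${line#"liblzma "} ;;
            *) continue ;;
        esac
        for bad in $AFFECTED_VERSIONS; do
            # Exact match only, so e.g. 5.6.10 is not mistaken for 5.6.1.
            if [ "$ver" = "$bad" ]; then
                echo "$name $ver"
                found=0
            fi
        done
    done
    return "$found"
}

# Checks the xz binary on this machine. Returns 0 if affected, 1 if not,
# 2 if xz is not installed.
check_local() {
    command -v xz >/dev/null 2>&1 || { echo "xz is not installed"; return 2; }
    if hits=$(xz --version | find_affected); then
        echo "AFFECTED, downgrade as advised:"
        echo "$hits"
        return 0
    fi
    echo "xz/liblzma version is not 5.6.0 or 5.6.1"
    return 1
}

echo "constructed bad sample:"; printf '%s\n' "$SAMPLE_BAD" | find_affected || true
echo "constructed ok sample:";  printf '%s\n' "$SAMPLE_OK" | find_affected || echo "(clean)"
echo "this machine:";           check_local || true
```

The check compares the upstream version string only; a match is a prompt to downgrade as Red Hat advises.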
Malware Increasing in Linux Devices
The recent vulnerability report is only the latest incident of a major exploit affecting Linux systems.
With hackers using more and more sophisticated methods to steal user data, users are advised to constantly check for security updates.