-
Notifications
You must be signed in to change notification settings - Fork 0
/
CVE-2024-3094_checker.py
33 lines (27 loc) · 1.23 KB
/
CVE-2024-3094_checker.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#!/usr/bin/env python3
################################
# Verify your system against #
# CVE-2024-3094 #
# lypd0.com #
################################
import subprocess
import re
print(" ___ _ _ ____ ___ ___ ___ __ ___ ___ ___ __ ")
print(" / __)( \/ )( ___)___(__ \ / _ \(__ \ /. | ___(__ ) / _ \ / _ \ /. | ")
print("( (__ \ / )__)(___)/ _/( (_) )/ _/(_ _)(___)(_ \( (_) )\_ /(_ _)")
print(" \___) \/ (____) (____)\___/(____) (_) (___/ \___/ (_/ (_) ")
try:
xz_version_output = subprocess.run(["xz", "--version"], capture_output=True, text=True, check=True).stdout
except subprocess.CalledProcessError:
print("[-] xz package is not installed.")
exit(1)
xz_version_match = re.search(r"(\d+\.\d+\.\d+)", xz_version_output)
if xz_version_match:
xz_version = xz_version_match.group(1)
else:
print("[-] Unable to determine xz version.")
exit(1)
if xz_version in ["5.6.0", "5.6.1"]:
print("\n[*] You are VULNERABLE to CVE-2024-3094\n\nIt is recommended to downgrade to a non-vulnerable version:\nhttps://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users")
else:
print("\n[*] You are NOT vulnerable to CVE-2024-3094.")