The XZ-Utils backdoor, first found in March 2024, continues to be current in a minimum of 35 Linux photos on Docker Hub, probably placing customers, organizations, and their knowledge in danger.
Docker Hub is the official public container picture registry operated by Docker, permitting builders and organizations to add or obtain prebuilt photos and share them with the neighborhood.
Many CI/CD pipelines, builders, and manufacturing programs pull photos straight from Docker Hub as base layers for their very own containers, and if these photos are compromised, the brand new construct inherits the flaw or malicious code.
Binarly researchers have found quite a few Docker photos nonetheless impacted by the XZ-Utils backdoor.
“At first look, this won’t appear alarming: if the distribution packages had been backdoored, then any Docker photos primarily based on them can be contaminated as effectively,” reviews Binarly.
“Nevertheless, what we found is that a few of these compromised photos are nonetheless publicly obtainable on Docker Hub. And much more troubling, different photos have been constructed on prime of those contaminated base photos, making them transitively contaminated.”
Binarly reported the pictures to Debian, one of many maintainers nonetheless providing backdoored photos, who determined to not take them offline, citing low danger and significance of archiving continuity.
The XZ-Utils backdoor, tracked underneath CVE-2024-3094, was malicious code hidden within the liblzma.so library of the xz-utils compression device, variations 5.6.0 and 5.6.1.
It hooked the RSA_public_decrypt operate in OpenSSH through glibc’s IFUNC mechanism, so if an attacker with a particular non-public key linked over SSH to an affected system, they might bypass authentication and remotely run instructions as root.
The backdoor was stealthily injected by a long-time undertaking contributor named “Jia Tan,” and shipped in official Linux distro packages like Debian, Fedora, OpenSUSE, and Crimson Hat, making it one of the vital extreme software program provide chain compromises final yr.
The backdoor was found early on, giving attackers little or no alternative to leverage it, and scanners had been launched by Binarly and Kaspersky, amongst others, to assist detect it on dependent open-source software program.
Debian’s response
To the researchers’ shock, Debian didn’t hassle to retract 64-bit photos utilizing the backdoored model of the library from Docker Hub, discovering a minimum of 35 of them which can be nonetheless obtainable for obtain.
Binarly feedback that this determine is just a partial reflection of the true scale of the issue, as they didn’t carry out a platform-wide scan for the XZ-Utils backdoor.
“We recognized greater than 35 photos that ship with the backdoor,” explains Binarly in its report.
“Whereas this will seem to be a small quantity, we solely scanned a small portion of the pictures printed on DockerHub, stopping at second-order photos.”
Debian says they deliberately opted to not take away these photos from Docker Hub and to depart them as historic artifacts, telling customers to solely use up-to-date photos and not previous ones.
The maintainers made this determination as they brleive the necessities for exploitation are unlikely, reminiscent of requiring sshd put in and operating on the container, the attacker having community entry to the SSH service on that container, and utilizing a non-public key that matches the backdoor’s set off logic.
Supply: Binarly
Binarly expresses disagreement with this strategy, underlining that merely making these photos accessible to the general public poses a big danger from unintended pulls or use in automated builds.
The identical applies to all photos which will include a compromised model of the XZ-Utils backdoor, so customers ought to manually verify and make sure the library is on model 5.6.2 or later (the newest steady is 5.8.1).
46% of environments had passwords cracked, almost doubling from 25% final yr.
Get the Picus Blue Report 2025 now for a complete have a look at extra findings on prevention, detection, and knowledge exfiltration traits.
