CVE-2024-3094-checker.sh

#!/bin/bash

if type -P xz >/dev/null 2>&1; then
    version=$(xz --version | head -n 1 | awk '{print $4}')
else
    echo "xz-utils is not installed. Exiting."
    exit 1
fi


# Check if vulnerable version is installed
if [[ "$version" == *"5.6.0"* || "$version" == *"5.6.1"* ]]; then
    echo "Vulnerable version of xz-utils found: $version"
    read -p "Do you want to attempt installing the stable uncompromised xz-utils 5.4.6 version from source? (You need to have wget, tar, make) (y/n): " choice
    if [[ "$choice" == "y" || "$choice" == "Y" ]]; then
        echo "Downloading xz-utils 5.4.6 from source..."
        wget https://github.com/tukaani-project/xz/releases/download/v5.4.6/xz-5.4.6.tar.gz
        hash=$(sha256sum xz-5.4.6.tar.gz | awk '{print $1}')
        echo "Checking hash..."
        if [[ "$hash" != "aeba3e03bf8140ddedf62a0a367158340520f6b384f75ca6045ccc6c0d43fd5c" ]]; then
            echo "Hash mismatch. Exiting."
            exit 1
        fi
        echo "Hash matched. Proceeding..."
        tar -zxvf xz-5.4.6.tar.gz
        cd xz-5.4.6
        echo "Configuring xz-utils..."
        ./configure
        echo "Compiling xz-utils..."
        make
        echo "Installing xz-utils..."
        make install
        echo "xz-utils 5.4.6 installed successfully."
        echo "You can check the version by running 'xz --version'."
        echo "\n\n\n\n!!! PLEASE UNINSTALL THE VULNERABLE VERSION OF xz-utils USING YOUR PACKAGE MANAGER !!!"
    else
        echo "You chose not to install the package automatically. Install manually if needed. Exiting."
    fi
else
    echo "You are using version $version of xz-utils which is not vulnerable. Exiting..."
fi