/
CVE-2024-3094-checker.sh
executable file
·43 lines (38 loc) · 1.65 KB
/
CVE-2024-3094-checker.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/bin/bash
if type -P xz >/dev/null 2>&1; then
version=$(xz --version | head -n 1 | awk '{print $4}')
else
echo "xz-utils is not installed. Exiting."
exit 1
fi
# Check if vulnerable version is installed
if [[ "$version" == *"5.6.0"* || "$version" == *"5.6.1"* ]]; then
echo "Vulnerable version of xz-utils found: $version"
read -p "Do you want to attempt installing the stable uncompromised xz-utils 5.4.6 version from source? (You need to have wget, tar, make) (y/n): " choice
if [[ "$choice" == "y" || "$choice" == "Y" ]]; then
echo "Downloading xz-utils 5.4.6 from source..."
wget https://github.com/tukaani-project/xz/releases/download/v5.4.6/xz-5.4.6.tar.gz
hash=$(sha256sum xz-5.4.6.tar.gz | awk '{print $1}')
echo "Checking hash..."
if [[ "$hash" != "aeba3e03bf8140ddedf62a0a367158340520f6b384f75ca6045ccc6c0d43fd5c" ]]; then
echo "Hash mismatch. Exiting."
exit 1
fi
echo "Hash matched. Proceeding..."
tar -zxvf xz-5.4.6.tar.gz
cd xz-5.4.6
echo "Configuring xz-utils..."
./configure
echo "Compiling xz-utils..."
make
echo "Installing xz-utils..."
make install
echo "xz-utils 5.4.6 installed successfully."
echo "You can check the version by running 'xz --version'."
echo "\n\n\n\n!!! PLEASE UNINSTALL THE VULNERABLE VERSION OF xz-utils USING YOUR PACKAGE MANAGER !!!"
else
echo "You chose not to install the package automatically. Install manually if needed. Exiting."
fi
else
echo "You are using version $version of xz-utils which is not vulnerable. Exiting..."
fi