detect-cve-2024-3094.sh

#!/bin/bash

# Function to check the XZ Utils version
check_xz_version() {
    local xz_version
    if command -v dpkg &>/dev/null; then
        xz_version=$(dpkg-query -W -f='${Version}' xz-utils 2>/dev/null)
        package_manager="dpkg"
    elif command -v rpm &>/dev/null || command -v zypper &>/dev/null; then
        xz_version=$(rpm -q xz 2>/dev/null | grep -o -E '[0-9]+\.[0-9]+\.[0-9]+')
        package_manager="rpm/zypper"
    else
        echo "Unsupported package manager or XZ Utils is not installed."
        return 1
    fi

    if [[ -n "$xz_version" ]]; then
        echo "Installed XZ Utils version: $xz_version"
        if [[ "$xz_version" == "5.6.0" || "$xz_version" == "5.6.1" ]]; then
            echo "Your system is running a vulnerable version of XZ Utils."
            is_vulnerable=true
        else
            echo "Your system is not running a vulnerable version of XZ Utils."
            is_vulnerable=false
        fi
    else
        echo "XZ Utils is not installed or version information not available."
        return 1
    fi
}

# Function to check the Linux distribution and downgrade XZ Utils if needed
check_and_downgrade() {
    local distro=$(. /etc/os-release && echo "$ID")

    case "$distro" in
        fedora)
            echo "Fedora-based system detected."
            if [ "$is_vulnerable" = true ]; then
                sudo dnf downgrade xz-5.4.3
                echo "XZ Utils downgraded to version 5.4.3."
            else
                echo "No vulnerability detected. No downgrade needed."
            fi
            ;;
        debian)
            echo "Debian-based system detected."
            if [ "$is_vulnerable" = true ]; then
                sudo apt install xz-utils=5.4.3
                echo "XZ Utils downgraded to version 5.4.3."
            else
                echo "No vulnerability detected. No downgrade needed."
            fi
            ;;
        opensuse-tumbleweed)
            echo "openSUSE Tumbleweed system detected."
            if [ "$is_vulnerable" = true ]; then
                sudo zypper downgrade xz-5.4.3
                echo "XZ Utils downgraded to version 5.4.3."
            else
                echo "No vulnerability detected. No downgrade needed."
            fi
            ;;
        kali)
            echo "Debian-based Kali Linux system detected."
            if [ "$is_vulnerable" = true ]; then
                sudo apt install xz-utils=5.4.3
                echo "XZ Utils downgraded to version 5.4.3."
            else
                echo "No vulnerability detected. No downgrade needed."
            fi
            ;;
        *)
            echo "Unsupported Linux distribution detected."
            return 1
            ;;
    esac
}

# Call the functions
check_xz_version
check_and_downgrade