
📛 PSA - Backdoor Found in Essential Linux Library (CVE-2024-3094)

by /u/Amphora · 0 votes · 2024-03-30 20:50:00


CVE-2024-3094 documents a backdoor in the xz package. This backdoor was inserted by either an xz maintainer or someone who had compromised the maintainer's machine. While the motivation behind this backdoor remains unknown, the intent was to compromise specific distributions, as the backdoors were only applied to DEB or RPM packages for the x86-64 architecture built with gcc and the GNU linker.

If your system is using "xz-5.6.0" or "xz-5.6.1" packages, you need to immediately downgrade them to "5.4.X" to get rid of the backdoored code. Debian stable versions and related distributions are unaffected according to the developers. To check if you have been infected, run the following command to check your "xz" version.
xz -V
A good result would be as shown below, which displays a non-affected version present in Debian 12 stable.
xz (XZ Utils) 5.4.1
liblzma 5.4.1
Whonix, Debian and Tails seem to be unaffected by this, due to their stable release system, but always do your own research, especially when it's that simple. If your system is affected, you need the following command in order to downgrade (for people on Debian-based distributions).
sudo apt install liblzma5=5.4.1-0.2

It's become clear that Chinese threat actors have inserted this backdoor for malicious purposes, and may have affected other packages as well. Stay safe and keep your news open to know when to upgrade and when to downgrade.
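An added example, not part of the original post, that automates the version check described above: it parses `xz -V` style output, flags the two backdoored releases (5.6.0 and 5.6.1) named in CVE-2024-3094, and on Debian-based systems also queries the liblzma5 package version (stripping the Debian revision suffix before comparing). The sample outputs embedded in the script are constructed for offline use; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post): check whether the installed
# XZ Utils / liblzma is one of the two backdoored releases, 5.6.0 or 5.6.1.

# Returns 0 (true) if the given upstream version is a backdoored release.
is_backdoored_xz_version() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *)           return 1 ;;
    esac
}

# Strip a Debian package revision, e.g. "5.6.1-1" -> "5.6.1".
upstream_version() {
    printf '%s\n' "${1%%-*}"
}

# Parse `xz -V` output of the form
#   xz (XZ Utils) 5.4.1
#   liblzma 5.4.1
# and print "<xz version> <liblzma version>" on one line.
parse_xz_version_output() {
    printf '%s\n' "$1" | awk '
        /^xz \(XZ Utils\)/ { xz = $NF }
        /^liblzma/         { lib = $NF }
        END { print xz, lib }'
}

# Classify `xz -V` output as "clean" or "BACKDOORED" (either component).
classify_xz_output() {
    vers=$(parse_xz_version_output "$1")
    xzver=${vers%% *}
    libver=${vers##* }
    if is_backdoored_xz_version "$xzver" || is_backdoored_xz_version "$libver"; then
        echo "BACKDOORED"
    else
        echo "clean"
    fi
}

# Constructed sample outputs (not captured from a real system).
SAMPLE_CLEAN='xz (XZ Utils) 5.4.1
liblzma 5.4.1'
SAMPLE_BAD='xz (XZ Utils) 5.6.1
liblzma 5.6.1'

main() {
    echo "constructed clean sample: $(classify_xz_output "$SAMPLE_CLEAN")"
    echo "constructed bad sample:   $(classify_xz_output "$SAMPLE_BAD")"

    # Check the xz binary actually on this machine, if present.
    if command -v xz >/dev/null 2>&1; then
        echo "local xz -V: $(classify_xz_output "$(xz -V 2>/dev/null)")"
    else
        echo "xz not found in PATH; skipping binary check"
    fi

    # On Debian-based systems the liblzma5 package can differ from the xz
    # binary, so query the package database as well.
    if command -v dpkg-query >/dev/null 2>&1; then
        pkgver=$(dpkg-query -W -f='${Version}' liblzma5 2>/dev/null || true)
        if [ -n "$pkgver" ]; then
            if is_backdoored_xz_version "$(upstream_version "$pkgver")"; then
                echo "liblzma5 $pkgver is BACKDOORED; downgrade with: sudo apt install liblzma5=5.4.1-0.2"
            else
                echo "liblzma5 $pkgver is clean"
            fi
        fi
    fi
}

main
```

The version match is deliberately exact: only 5.6.0 and 5.6.1 are the releases named by the CVE, so a 5.4.x or later fixed release reports clean. The `sudo apt install liblzma5=5.4.1-0.2` pin printed on a hit is the downgrade command from the post above and applies to Debian 12 stable; other releases carry a different package revision.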


User: /u/Amphora

Basically the TLDR. Thank you.