from Hacker News

Ask HN: Am I safe regarding xz?

by Hbruz0 on 4/5/24, 9:07 PM with 1 comments

Upon seeing the xz backdoor reports, I checked my version and saw that my machine (arch btw) contained the compromised version. I swiftly updated to a patched version but am unsure of how to detect if it has been exploited.

I had no ports open for ssh (or anything else), but the sshd service was active.

What should I do ? Wipe and reinstall my distro, or am I safe ?

Thanks

by bashonly on 4/6/24, 12:05 AM
based on what is currently known, arch was never vulnerable to the backdoor that was discovered. arch doesn't patch sshd so that it links systemd like how debuntu/fedora do, which was a requirement for the backdoor.
ofc this doesn't rule out any as-of-yet unknown vulnerabilities in xz/liblzma.