IFUNC'd up
The role of GNU IFUNC in the xz-utils/ssh backdoor (CVE-2024-3094)
Most of the discussion of the XZ Utils backdoor (CVE-2024-3094) has focused on the social engineering aspects of this attack. I think this is shortsighted, and places far too much blame on the xz-utils maintainer. My take is that GNU IFUNC is the real culprit.
I developed a tutorial called IFUNC'd up which explains how GNU IFUNC works, and why it's a terrible idea. I also gave talk at ETSA about this, which is available on YouTube: https://www.youtube.com/watch?v=7j8ZCDGwSr8