AudioCircle

Industry Circles => Salk Signature Sound => Topic started by: Saturn94 on 30 Mar 2024, 10:21 pm

Title: Malware Report possibly affecting Salkstream users...
Post by: Saturn94 on 30 Mar 2024, 10:21 pm
An FYI for fellow Salkstream users....

I came across this today on the Roon Forum:

https://community.roonlabs.com/t/xz-utils-malware-reported-today/269378

It's also mentioned here on the Arch Linux site:

https://archlinux.org/

I was able to determine the version on my Salkstream III (I updated the OS earlier this month) was affected, so I updated again.  I'm certainly not qualified to determine how serious an issue this is for Salkstream users, but it bothered me enough to seek a solution.

 
Title: Re: Malware Report possibly affecting Salkstream users...
Post by: newzooreview on 30 Mar 2024, 11:06 pm
"The new exploit, identified as CVE-2024-3094, is a critical vulnerability found in the XZ Utils, specifically in versions 5.6.0 and 5.6.1 of the xz libraries. This vulnerability allows for a backdoor that enables unauthorized remote access to affected systems by bypassing sshd authentication, which could grant a threat actor comprehensive control over the entire system."

It seems unlikely that the Salkstream would be visible from outside the network and have SSH enabled. The Salkstream is designed to work on the LAN, and for most home networks, you would have to change the default firewall on the gateway to allow a device on the LAN to be seen from outside.

I could be wrong. The Salkstream might have SSH turned on by default and some home networks might not have good default firewall rules.

Title: Re: Malware Report possibly affecting Salkstream users...
Post by: Saturn94 on 31 Mar 2024, 12:34 am
Hopefully, you are correct and this is a non-issue for the Salkstream.  I really don’t know, but felt more comfortable updating to be safe.

Also, I don’t know if using Roon ARC makes the Salkstream more vulnerable.
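
Added example (not part of the thread, and not Salk or Roon code): a shell check for the two questions raised above, whether the installed xz reports one of the versions named in the quote (5.6.0 or 5.6.1) and whether anything is listening on the SSH port. The function names and sample inputs are constructed for illustration, and the port check assumes sshd uses its default port 22.

```shell
#!/bin/sh
# Constructed sample inputs (not captured from any real device).
SAMPLE_XZ='xz (XZ Utils) 5.6.1
liblzma 5.6.1'
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      4096   127.0.0.1:9100     0.0.0.0:*'

# Print every version number found in `xz --version` text read from stdin.
extract_versions() {
    sed -n -e 's/^xz (XZ Utils) \([0-9][^ ]*\).*/\1/p' \
           -e 's/^liblzma \([0-9][^ ]*\).*/\1/p'
}

# Succeed only for the two releases the quoted advisory names.
is_listed_version() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Read `xz --version` text on stdin; print affected, not-listed or unknown.
classify() {
    versions=$(extract_versions)
    [ -n "$versions" ] || { echo unknown; return 0; }
    for v in $versions; do
        if is_listed_version "$v"; then echo affected; return 0; fi
    done
    echo not-listed
}

# Read `ss -ltn` text on stdin; print yes if a TCP listener is on port 22.
# Assumption: sshd, if enabled, uses its default port.
ssh_listening() {
    awk '$1 == "LISTEN" && $4 ~ /:22$/ { found = 1 }
         END { print (found ? "yes" : "no") }'
}

# Check the local machine only when asked to, so the functions can be reused.
if [ "${1:-}" = "--local" ]; then
    if command -v xz >/dev/null 2>&1; then
        echo "xz/liblzma: $(xz --version | classify)"
    else
        echo "xz/liblzma: xz not found"
    fi
    if command -v ss >/dev/null 2>&1; then
        echo "port 22 listener: $(ss -ltn | ssh_listening)"
    fi
fi
```

A distribution may ship a rebuilt package under the same upstream version number, so treat "affected" as a prompt to check the distribution's own advisory and update.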