The XZ backdoor, tracked as CVE-2024-3094, is a critical security breach that has affected multiple Linux distributions, including Debian 13 and unstable, Fedora Rawhide, Fedora 40, Kali Linux, and OpenSUSE Tumbleweed. The malicious actor, believed to be Jia Tan, embedded a backdoor in liblzma, the software library that provides compression and decompression functions, by manipulating compressed test files. The backdoor was established through alterations to the tar files' configure script, and it enables circumvention of sshd authentication, granting unauthorized remote system access. The exploit leverages the GNU C Library and capitalizes on a chain-loading scenario in which a third-party patch causes libsystemd to load the affected liblzma library. The attack is a supply chain security incident that highlights the importance of trust and verification in open source contributions. To mitigate this vulnerability, users are advised to update their systems promptly, and developers can use Snyk's SBOM Checker to track remediation efforts.
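The chain-loading condition described above can be checked on a host by looking at which libraries sshd pulls in at load time. The script below is an added example, not part of the original page or of any vendor tool; the function names and the sample `ldd` output are constructed for illustration, and `ldd` shows only load-time dependencies, not libraries opened later at runtime.

```shell
#!/bin/sh
# Added example: report whether a binary's load-time dependency set contains
# liblzma, and whether libsystemd is present as well (the chain described above).

# Read `ldd` output on stdin and print one verdict line.
classify_ldd() {
    awk '
        /liblzma\.so/    { lzma = 1; if ($2 == "=>") path = $3 }
        /libsystemd\.so/ { systemd = 1 }
        END {
            if (lzma && systemd) print "chain-load " path
            else if (lzma)       print "liblzma-only " path
            else                 print "not-linked"
        }'
}

# Run the check against a real binary (default: the sshd found on PATH).
check_binary() {
    bin=${1:-$(command -v sshd)}
    [ -n "$bin" ] && [ -x "$bin" ] || { echo "no-binary"; return 2; }
    ldd "$bin" 2>/dev/null | classify_ldd
}

# Constructed sample ldd output (not captured from a real host):
# an sshd built with the third-party libsystemd patch.
sample_patched_sshd() {
    cat <<'EOF'
    linux-vdso.so.1 (0x00007ffc0a5f2000)
    libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f1c2a400000)
    libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x00007f1c29e00000)
    liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f1c29dc0000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1c29a00000)
EOF
}

# Constructed sample: an sshd without the libsystemd patch.
sample_upstream_sshd() {
    cat <<'EOF'
    linux-vdso.so.1 (0x00007ffd3b1e9000)
    libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x00007f8e11e00000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f8e11a00000)
EOF
}

# Demo on the constructed samples.
sample_patched_sshd | classify_ldd
sample_upstream_sshd | classify_ldd
```

On a host, run `check_binary /usr/sbin/sshd`; a `chain-load` verdict only shows that liblzma is mapped into sshd, so the installed xz package must still be compared against the distribution's advisory for CVE-2024-3094.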