The Fedora Project was made aware of CVE-2024-3094 on Friday, March 29th related to the xz tools and libraries. At this time, Fedora Rawhide users are likely to have received the tainted package and Fedora Linux 40 Beta users may have received the package if they opted into updating from testing repositories.

Source: Fedora Magazine