CVE-2024-12085

Published Jan 14, 2025
Last updated 9 days ago
CVSS high 7.5
Firmware
Overview

Description: A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Source: secalert@redhat.com
NVD status: Modified
Products: rsync, openshift, openshift_container_platform, enterprise_linux, enterprise_linux_eus, enterprise_linux_for_arm_64, enterprise_linux_for_arm_64_eus, enterprise_linux_for_ibm_z_systems, enterprise_linux_for_ibm_z_systems_eus, enterprise_linux_for_power_little_endian, enterprise_linux_for_power_little_endian_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, enterprise_linux_server_tus, enterprise_linux_update_services_for_sap_solutions, almalinux, arch_linux, linux, nixos, suse_linux, smartos
Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH
Weaknesses

secalert@redhat.com: CWE-908
nvd@nist.gov: CWE-908
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C3A9FCFD-8115-4C36-95D1-625B124ED9F9",
            "versionEndExcluding": "3.3.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:openshift:5.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "3FD9C791-100F-4672-AB43-94B80DFAF818",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*",
            "matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*",
            "matchCriteriaId": "1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*",
            "matchCriteriaId": "486B3F69-1551-4F8B-B25B-A5864248811B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*",
            "matchCriteriaId": "4716808D-67EB-4E14-9910-B248A500FAFA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*",
            "matchCriteriaId": "0EBB38E1-4161-402D-8A37-74D92891AAC5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*",
            "matchCriteriaId": "F4B66318-326A-43E4-AF14-015768296E4E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
            "matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "C4CF8D2F-DACA-49C2-A9F4-63496B0A9A80",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*",
            "matchCriteriaId": "5A47EF78-A5B6-4B89-8B74-EEB0647C549F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*",
            "matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*",
            "matchCriteriaId": "D85E0DBA-A856-472A-8271-A4F37C35F952",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*",
            "matchCriteriaId": "213593D4-EB5A-4A1B-BDF3-3F043C5F6A6C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*",
            "matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*",
            "matchCriteriaId": "CA15BFFC-B8E8-4EE3-8E14-8C95DF6C99C4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*",
            "matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
            "matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*",
            "matchCriteriaId": "2E068ABB-31C2-416E-974A-95E07A2BAB0A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*",
            "matchCriteriaId": "22C65F53-D624-48A9-A9B7-4C78A31E19F9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*",
            "matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*",
            "matchCriteriaId": "778ACA25-ED77-4EFC-A183-DE094C58B268",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "5B4A41C6-7ECB-4F3D-AB10-96F2D00B6840",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "ED521457-498F-4E43-B714-9A3F2C3CD09A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "0516993E-CBD5-44F1-8684-7172C9ABFD0A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "0FDD919E-B7FE-4EC5-8D6B-EC9A4723D6E2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "6E645F29-0FE0-477F-969A-55F009AB018C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "6C138DAF-9769-43B0-A9E6-320738EB3415",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "18037675-B4D3-401E-96D3-9EA3C1993920",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "3DA48001-66CC-4E71-A944-68D7D654031E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "CC6A25CB-907A-4D05-8460-A2488938A8BE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "3C30F155-DF7D-4195-92D9-A5B80407228D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:*",
            "matchCriteriaId": "41F1A2F3-BCEF-4A8C-BA2F-DF1FF13E6179",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
            "matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "E881C927-DF96-4D2E-9887-FF12E456B1FB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "FB096D5D-E8F6-4164-8B76-0217B7151D30",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "083AAC55-E87B-482A-A1F4-8F2DEB90CB23",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "1FD9BF0E-7ACF-4A83-B754-6E3979ED903F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "554AA8CA-A930-4788-B052-497E09D48381",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:almalinux:almalinux:8.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "F34AA7F4-6ECE-4FA5-A310-3509648BD7C7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "57B93E9A-1483-4FF7-BF45-BD0D7D9F1747",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "66FD02F3-C1C2-4E1D-98C1-8889004437D4",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "4824AE2D-462B-477D-9206-3E2090A32146",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "92121D8A-529E-454A-BC8D-B6E0017E615D",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "213883D5-9E62-4496-82E3-D5377995C257",
            "versionEndExcluding": "24.11",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "1FB65EF0-0E6A-4178-8564-3CC96891A072",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "8EBD774C-F48F-45EC-A5DD-B1E56E54EF71",
            "versionEndExcluding": "20250123",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References
