CVE-2024-12085

Name
CVE-2024-12085
Description
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vdb-entry https://access.redhat.com/security/cve/CVE-2024-12085
issue-tracking https://bugzilla.redhat.com/show_bug.cgi?id=2330539
secalert@redhat.com https://kb.cert.org/vuls/id/952657
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0324
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0325
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0637
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0688
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0714
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0774
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0787
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0790
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0849
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0884
vendor-advisory https://access.redhat.com/errata/RHSA-2025:0885
vendor-advisory https://access.redhat.com/errata/RHSA-2025:1120
vendor-advisory https://access.redhat.com/errata/RHSA-2025:1123
vendor-advisory https://access.redhat.com/errata/RHSA-2025:1128
vendor-advisory https://access.redhat.com/errata/RHSA-2025:1227
vendor-advisory https://access.redhat.com/errata/RHSA-2025:1225
vendor-advisory https://access.redhat.com/errata/RHSA-2025:1242
vendor-advisory https://access.redhat.com/errata/RHSA-2025:1451
134c704f-9b21-4f2e-91b3-4a467353bcc0 https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj
vendor-advisory https://access.redhat.com/errata/RHSA-2025:2701
af854a3a-2127-422b-91ae-364da2661108 https://security.netapp.com/advisory/ntap-20250131-0002/
af854a3a-2127-422b-91ae-364da2661108 https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html
af854a3a-2127-422b-91ae-364da2661108 https://www.kb.cert.org/vuls/id/952657
secalert@redhat.com https://access.redhat.com/errata/RHSA-2025:21885

Match rules

CPE URI Source package Min version Max version
cpe:/o:redhat:enterprise_linux:8::baseos shopxo >= 0:3.1.3-20.el8_10 < *
cpe:/a:redhat:enterprise_linux:9::appstream shopxo >= 0:3.2.3-20.el9_5.1 < *
shopxo >= 0 <= 3.3.0
cpe:/o:redhat:rhel_els:6 shopxo >= 0:3.0.6-12.el6_10.1 < *
cpe:/o:redhat:rhel_els:7 shopxo >= 0:3.1.2-12.el7_9.1 < *
cpe:/o:redhat:rhel_aus:8.2::baseos shopxo >= 0:3.1.3-7.el8_2.3 < *
cpe:/o:redhat:rhel_aus:8.4::baseos shopxo >= 0:3.1.3-12.el8_4.3 < *
cpe:/o:redhat:rhel_eus:8.8::baseos shopxo >= 0:3.1.3-20.el8_8.1 < *
cpe:/a:redhat:rhel_e4s:9.0::appstream shopxo >= 0:3.2.3-9.el9_0.3 < *
cpe:/a:redhat:openshift:4.12::el8 shopxo >= 412.86.202502100314-0 < *
cpe:/a:redhat:openshift:4.13::el8 shopxo >= 413.92.202503112237-0 < *
cpe:/a:redhat:openshift:4.15::el8 shopxo >= 415.92.202501281917-0 < *
cpe:/a:redhat:openshift:4.16::el9 shopxo >= v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9 < *
cpe:/a:redhat:openshift:4.16::el9 shopxo >= v4.16.0-202501311933.p0.g4246d04.assembly.stream.el9 < *
cpe:/a:redhat:openshift:4.16::el9 shopxo >= v4.16.0-202501311605.p0.g4246d04.assembly.stream.el9 < *
cpe:/a:redhat:openshift:4.17::el9 shopxo >= 417.94.202502051822-0 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v5.8.17-22 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v5.8.17-10 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v6.8.1-454 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v5.8.17-17 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v1.0.0-537 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v5.8.17-4 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v0.4.0-339 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v1.1.0-320 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v5.8.1-552 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v3.3.2-9 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v5.8.17-5 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v5.8.17-12 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v0.1.0-725 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v0.1.0-342 < *
cpe:/a:redhat:logging:5.8::el9 shopxo >= v0.28.1-88 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v5.9.11-25 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v5.9.11-11 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v0.4.0-340 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v5.9.11-5 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v1.1.0-321 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v3.3.2-8 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v5.9.11-6 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v5.9.11-9 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v5.9.11-4 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v0.1.0-724 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v0.1.0-341 < *
cpe:/a:redhat:logging:5.9::el9 shopxo >= v0.34.1-30 < *
cpe:/o:redhat:rhel_aus:8.6::baseos shopxo >= 0:3.1.3-14.el8_6.6 < *
cpe:/a:redhat:rhel_eus:9.2::appstream shopxo >= 0:3.2.3-19.el9_2.1 < *
cpe:/o:redhat:rhel_eus:9.4::baseos shopxo >= 0:3.2.3-19.el9_4.1 < *
cpe:/a:redhat:openshift:4.14::el9 shopxo >= 414.92.202502111902-0 < *
cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:* rsync >= None < 3.3.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
rsync edge-main 3.4.0-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
rsync edge-main 3.2.4-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
rsync edge-main 3.2.4-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
rsync edge-main 3.2.3-r5 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
rsync edge-main 3.2.3-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
rsync edge-main 3.2.3-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
rsync edge-main 3.1.2-r7 None possibly vulnerable
rsync 3.22-main 3.4.0-r0 None fixed
rsync 3.22-main 3.2.4-r2 None possibly vulnerable
rsync 3.22-main 3.1.2-r7 None possibly vulnerable
rsync 3.21-main 3.4.0-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
rsync 3.21-main 3.2.4-r2 None possibly vulnerable
rsync 3.21-main 3.1.2-r7 None possibly vulnerable
rsync 3.20-main 3.4.0-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
rsync 3.20-main 3.2.4-r2 None possibly vulnerable
rsync 3.20-main 3.1.2-r7 None possibly vulnerable
rsync 3.19-main 3.4.0-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
rsync 3.19-main 3.2.7-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
rsync 3.19-main 3.2.4-r2 None possibly vulnerable
rsync 3.19-main 3.1.2-r7 None possibly vulnerable
rsync 3.18-main 3.4.0-r0 Natanael Copa <ncopa@alpinelinux.org> fixed