Zurück zur CVE-Übersicht
CVE-2024-12085
HIGH(7.5)CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Risk Signal Score22/100 — NIEDRIG
- CVSS 7.5 — Hoch
EPSS-Score
9%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.5
Technische Schwere
Beschreibung
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Referenzen
- https://access.redhat.com/errata/RHBA-2025:6470
- https://access.redhat.com/errata/RHSA-2025:0324
- https://access.redhat.com/errata/RHSA-2025:0325
- https://access.redhat.com/errata/RHSA-2025:0637
- https://access.redhat.com/errata/RHSA-2025:0688
- https://access.redhat.com/errata/RHSA-2025:0714
- https://access.redhat.com/errata/RHSA-2025:0774
- https://access.redhat.com/errata/RHSA-2025:0787
- https://access.redhat.com/errata/RHSA-2025:0790
- https://access.redhat.com/errata/RHSA-2025:0849