Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Red Hat recommends filtering untrusted connections to Rsync via firewall rules on the host and on network firewall appliances. Additionally, systems which only need to provide remote Rsync access to users with known identities can enable authentication using the ```auth users``` parameter in their rsyncd configuration file (rsyncd.conf). Systems that provide anonymous read access to hosted files via Rsync, such as mirror hosts, do not have reasonable mitigation options available. We strongly urge operators using vulnerable versions of Rsync to update as soon as possible.
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Sun, 13 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Fri, 11 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Tue, 08 Jul 2025 04:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:10.0 | |
References |
|
Wed, 18 Jun 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Almalinux
Almalinux almalinux Archlinux Archlinux arch Linux Gentoo Gentoo linux Nixos Nixos nixos Novell Novell suse Linux Samba Samba rsync Tritondatacenter Tritondatacenter smartos |
|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:a:samba:rsync:3.2.7:-:*:*:*:*:*:* cpe:2.3:a:samba:rsync:3.3.0:-:*:*:*:*:*:* cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:* cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:* cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:* cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:* cpe:2.3:o:nixos:nixos:24.11:*:*:*:*:*:*:* cpe:2.3:o:novell:suse_linux:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Almalinux
Almalinux almalinux Archlinux Archlinux arch Linux Gentoo Gentoo linux Nixos Nixos nixos Novell Novell suse Linux Samba Samba rsync Tritondatacenter Tritondatacenter smartos |
Thu, 22 May 2025 12:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
ssvc
|
Thu, 22 May 2025 11:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:10 |
Wed, 26 Feb 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 15 Jan 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 15 Jan 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 15 Jan 2025 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | rsync: Heap Buffer Overflow in Rsync due to Improper Checksum Length Handling | Rsync: heap buffer overflow in rsync due to improper checksum length handling |
First Time appeared |
Redhat
Redhat enterprise Linux Redhat openshift |
|
CPEs | cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux Redhat openshift |
|
References |
|
Wed, 15 Jan 2025 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. | |
Title | rsync: Heap Buffer Overflow in Rsync due to Improper Checksum Length Handling | |
Weaknesses | CWE-122 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-07-29T00:36:40.901Z
Reserved: 2024-12-03T08:57:42.580Z
Link: CVE-2024-12084

Updated: 2025-01-15T15:02:44.467Z

Status : Modified
Published: 2025-01-15T15:15:10.537
Modified: 2025-07-08T04:15:35.820
Link: CVE-2024-12084


No data.