CVE-2024-12085

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-12085

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

A

flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

References
Link Resource
https://access.redhat.com/errata/RHSA-2025:0324 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0325 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0637 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0688 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0714 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0774 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0787 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0790 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0849 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0884 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0885 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:1120 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:1123 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:1128 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:1225 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:1227 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:1242 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:1451 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:21885
https://access.redhat.com/errata/RHSA-2025:2701 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-12085 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2330539 Issue Tracking Third Party Advisory
https://kb.cert.org/vuls/id/952657 Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html
https://security.netapp.com/advisory/ntap-20250131-0002/
https://www.kb.cert.org/vuls/id/952657
https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:openshift:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:almalinux:almalinux:8.0:-:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*

Configuration 6 (hide)

cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*

Configuration 7 (hide)

cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*

Configuration 8 (hide)

cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:*
History

20 Nov 2025, 21:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:21885 -

03 Nov 2025, 22:16

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html -
  • () https://www.kb.cert.org/vuls/id/952657 -

03 Nov 2025, 21:16

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20250131-0002/ -

12 Aug 2025, 21:15

Type Values Removed Values Added
CWE CWE-119

16 Jul 2025, 16:04

Type Values Removed Values Added
First Time Redhat enterprise Linux For Ibm Z Systems
Samba rsync
Gentoo
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat enterprise Linux For Power Little Endian
Almalinux
Suse suse Linux
Redhat enterprise Linux For Power Little Endian Eus
Almalinux almalinux
Redhat enterprise Linux For Arm 64 Eus
Archlinux arch Linux
Suse
Nixos nixos
Tritondatacenter
Redhat
Redhat enterprise Linux Eus
Tritondatacenter smartos
Redhat enterprise Linux Update Services For Sap Solutions
Gentoo linux
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server Tus
Redhat enterprise Linux For Ibm Z Systems Eus
Samba
Redhat enterprise Linux Server
Nixos
Redhat openshift
Redhat enterprise Linux For Arm 64
Archlinux
Redhat openshift Container Platform
Redhat enterprise Linux
CWE CWE-908
CPE cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:8.0:-:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*
cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*
References () https://access.redhat.com/errata/RHSA-2025:0324 - () https://access.redhat.com/errata/RHSA-2025:0324 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0325 - () https://access.redhat.com/errata/RHSA-2025:0325 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0637 - () https://access.redhat.com/errata/RHSA-2025:0637 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0688 - () https://access.redhat.com/errata/RHSA-2025:0688 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0714 - () https://access.redhat.com/errata/RHSA-2025:0714 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0774 - () https://access.redhat.com/errata/RHSA-2025:0774 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0787 - () https://access.redhat.com/errata/RHSA-2025:0787 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0790 - () https://access.redhat.com/errata/RHSA-2025:0790 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0849 - () https://access.redhat.com/errata/RHSA-2025:0849 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0884 - () https://access.redhat.com/errata/RHSA-2025:0884 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:0885 - () https://access.redhat.com/errata/RHSA-2025:0885 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:1120 - () https://access.redhat.com/errata/RHSA-2025:1120 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:1123 - () https://access.redhat.com/errata/RHSA-2025:1123 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:1128 - () https://access.redhat.com/errata/RHSA-2025:1128 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:1225 - () https://access.redhat.com/errata/RHSA-2025:1225 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:1227 - () https://access.redhat.com/errata/RHSA-2025:1227 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:1242 - () https://access.redhat.com/errata/RHSA-2025:1242 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:1451 - () https://access.redhat.com/errata/RHSA-2025:1451 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2701 - () https://access.redhat.com/errata/RHSA-2025:2701 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-12085 - () https://access.redhat.com/security/cve/CVE-2024-12085 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2330539 - () https://bugzilla.redhat.com/show_bug.cgi?id=2330539 - Issue Tracking, Third Party Advisory
References () https://kb.cert.org/vuls/id/952657 - () https://kb.cert.org/vuls/id/952657 - Third Party Advisory
References () https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj - () https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj - Exploit, Third Party Advisory

20 Mar 2025, 07:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:2701 -

26 Feb 2025, 15:15

Type Values Removed Values Added
References
  • () https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj -

20 Feb 2025, 00:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:1451 -

13 Feb 2025, 03:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:1242 -

12 Feb 2025, 18:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:1225 -

12 Feb 2025, 17:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:1227 -

12 Feb 2025, 04:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:1128 -

12 Feb 2025, 01:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:1123 -

11 Feb 2025, 12:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:1120 -

03 Feb 2025, 20:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0884 -
  • () https://access.redhat.com/errata/RHSA-2025:0885 -

30 Jan 2025, 22:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0849 -

30 Jan 2025, 17:15

Type Values Removed Values Added
Summary (en) A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. (en) A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

29 Jan 2025, 11:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0790 -

29 Jan 2025, 08:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0787 -

28 Jan 2025, 19:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0774 -

28 Jan 2025, 08:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0688 -
  • () https://access.redhat.com/errata/RHSA-2025:0714 -

23 Jan 2025, 06:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0637 -
Summary
  • (es) Se encontró un fallo en rsync daemon que podría activarse cuando rsync compara sumas de comprobación de archivos. Este fallo permite a un atacante manipular la longitud de la suma de comprobación (s2length) para provocar una comparación entre una suma de comprobación y una memoria no inicializada y filtrar un byte de datos de pila no inicializados a la vez.

15 Jan 2025, 07:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0324 -
  • () https://access.redhat.com/errata/RHSA-2025:0325 -

14 Jan 2025, 22:15

Type Values Removed Values Added
References
  • () https://kb.cert.org/vuls/id/952657 -

14 Jan 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-01-14 18:15

Updated : 2025-11-20 21:15

NVD link : CVE-2024-12085

Mitre link : CVE-2024-12085

CVE.ORG link : CVE-2024-12085

JSON object : View

Products Affected

redhat

samba

tritondatacenter

gentoo

nixos

almalinux

suse

archlinux

CWE
CWE-908

Use of Uninitialized Resource