CVE-2024-12085

Published Jan 14, 2025

Last updated 16 days ago

CVSS high 7.5

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2024-12085 is an information leakage vulnerability in the rsync utility. It occurs when rsync compares file checksums due to improper initialization of memory. An attacker can manipulate the checksum length, leading to a comparison between a checksum and uninitialized memory. This allows them to leak one byte of uninitialized stack data at a time. The vulnerability arises from the incorrect initialization of the “sum2” variable. Rsync is a widely used utility for file synchronization. It is commonly used for backups, mirroring data between servers, and distributing software updates. The vulnerability affects various operating systems and distributions. A patch has been released to address this vulnerability, and users are urged to update their rsync installations to the latest version. As a temporary mitigation, rsync can be compiled with the “-ftrivial-auto-var-init=zero” option. This sets the initial value of the “sum2” variable to zero.

Description
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Source
secalert@redhat.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

secalert@redhat.com
CWE-119

Social media

Hype score
Not currently trending

  1. 🚨 Vulnerabilidades críticas en rsync https://t.co/RYsv5c5cA2… CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087/12088 https://t.co/IVb6Af1eJ5… https://t.co/DSuiDrvg49

    @doncaptador

    2 Mar 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 Vulnerabilidades críticas en rsync https://t.co/GGCeKTqsNn CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087/12088 https://t.co/32SfTO2Dt8 https://t.co/VG0QeYp6qr

    @elhackernet

    28 Feb 2025

    2126 Impressions

    14 Retweets

    31 Likes

    8 Bookmarks

    0 Replies

    2 Quotes

  3. 🚨 Rsync Vulnerabilities Let Attacker Gain Full Server Control Read more: https://t.co/8JtyChMNtq ✅ Heap Buffer Overflow in Checksum Handling (CVE-2024-12084) ✅ ASLR Bypass via Stack Information Leak (CVE-2024-12085) #cybersecurity #linux

    @gbhackers_news

    26 Feb 2025

    51 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 Rsync Vulnerabilities Let Attacker Gain Full Server Control Read more: https://t.co/qN2c0x79MS ✅ Heap Buffer Overflow in Checksum Handling (CVE-2024-12084) ✅ ASLR Bypass via Stack Information Leak (CVE-2024-12085) ✅ Client-Side File Exfiltration (CVE-2024-12086) ✅… https://

    @The_Cyber_News

    26 Feb 2025

    356 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published #PoC https://t.co/ogBUaDwN7n

    @samilaiho

    26 Feb 2025

    125 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published Explore CVE-2024-12084 PoC and learn about critical vulnerabilities in Rsync that could enable remote code execution and data leaks. https://t.co/Wyl3fUY3Cf

    @the_yellow_fall

    26 Feb 2025

    518 Impressions

    4 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Six vulnerabilities in Rsync include CVE-2024-12084, a critical heap-based buffer overflow, and CVE-2024-12085, a high-severity checksum flaw. Combined, they allow code execution. Shodan shows 660,000+ exposed Rsync servers. Update immediately.

    @Cyber_Sec_Raj

    25 Jan 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2024-12747,CVE-2024-12088,CVE-2024-12087,CVE-2024-12085,CVE-2024-12084 alert 🚨 RSYNC: Multiples vulnerabilities leading to Remote Code Execution The vulnerabilities have been integrated into Patrowl. Our customers assets are protected. 🦉 #CyberSecurity #InfoSec #rsync https

    @Patrowl_io

    22 Jan 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. [1day1line] CVE-2024-12085: rsync Info Leak Vulnerability via Uninitialized Stack Contents https://t.co/4U24GaCTVb Uninitialized Stack Contents vulnerability was discovered in rsync. If an attacker manipulates s2length, they can read memory beyond the sum2 variable during the…

    @hackyboiz

    18 Jan 2025

    1738 Impressions

    9 Retweets

    32 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  10. [1/4] 🚨Two days ago, 6 vulnerabilities affecting rsync, a widely-used file transferring and synchronizing utility were published. Two of these, CVE-2024-12084 - a heap buffer overflow that could lead to code execution, and CVE-2024-12085 - an information leak allowing one-byte…

    @JFrogSecurity

    16 Jan 2025

    530 Impressions

    3 Retweets

    7 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

References