CVE-2024-12085
Rsync: info leak via uninitialized stack contents
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
rsyncRed Hat · OpenShift Compliance Operator 1Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSIONRed Hat · Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat · Red Hat OpenShift Container Platform 4.12Red Hat · Red Hat OpenShift Container Platform 4.13Red Hat · Red Hat OpenShift Container Platform 4.14Red Hat · Red Hat OpenShift Container Platform 4.15Red Hat · Red Hat OpenShift Container Platform 4.16Red Hat · Red Hat OpenShift Container Platform 4.17Red Hat · RHOL-5.8-RHEL-9Red Hat · RHOL-5.9-RHEL-9Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHBA-2025:6470https://access.redhat.com/errata/RHSA-2025:0324https://access.redhat.com/errata/RHSA-2025:0325https://access.redhat.com/errata/RHSA-2025:0637https://access.redhat.com/errata/RHSA-2025:0688https://access.redhat.com/errata/RHSA-2025:0714https://access.redhat.com/errata/RHSA-2025:0774https://access.redhat.com/errata/RHSA-2025:0787https://access.redhat.com/errata/RHSA-2025:0790https://access.redhat.com/errata/RHSA-2025:0849https://access.redhat.com/errata/RHSA-2025:0884https://access.redhat.com/errata/RHSA-2025:0885