HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-12085

CVSS 7.5v3.1pub. 2025-01-14upd. 2026-06-29

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Almalinux

    OS
    Almalinux
    10.08.09.0
  • Archlinux Arch Linux

    OS
    Archlinux
    wszystkie wersje
  • Gentoo Linux

    OS
    Gentoo
    wszystkie wersje
  • Nixos

    OS
    Nixos
    < 24.11
  • Red Hat Enterprise Linux

    OS
    Redhat
    8.09.0
  • Red Hat Enterprise Linux Eus

    OS
    Redhat
    8.89.29.49.6
  • Red Hat Enterprise Linux For Arm 64

    OS
    Redhat
    8.0_aarch649.0_aarch649.2_aarch64
  • Red Hat Enterprise Linux For Arm 64 Eus

    OS
    Redhat
    8.8_aarch649.4_aarch649.6_aarch64
  • Red Hat Enterprise Linux For IBM Z Systems

    OS
    Redhat
    8.0_s390x9.0_s390x9.2_s390x
  • Red Hat Enterprise Linux For IBM Z Systems Eus

    OS
    Redhat
    8.8_s390x9.4_s390x9.6_s390x
  • Red Hat Enterprise Linux For Power Little Endian

    OS
    Redhat
    8.0_ppc64le8.8_ppc64le9.0_ppc64le9.2_ppc64le
  • Red Hat Enterprise Linux For Power Little Endian Eus

    OS
    Redhat
    9.4_ppc64le9.6_ppc64le
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    6.07.0
  • Red Hat Enterprise Linux Server Aus

    OS
    Redhat
    8.28.48.69.29.49.6
  • Red Hat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions

    OS
    Redhat
    8.4_ppc64le8.6_ppc64le8.8_ppc64le9.0_ppc64le9.2_ppc64le9.4_ppc64le9.6_ppc64le
  • Red Hat Enterprise Linux Server Tus

    OS
    Redhat
    8.48.68.8
  • Red Hat Enterprise Linux Update Services For Sap Solutions

    OS
    Redhat
    8.48.69.09.29.6
  • Red Hat Openshift

    APP
    Redhat
    5.0
  • Red Hat OpenShift Container Platform

    APP
    Redhat
    4.124.134.144.154.164.17
  • Samba Rsync

    APP
    Samba
    < 3.3.0
  • SUSE Linux

    OS
    Suse
    wszystkie wersje
  • Tritondatacenter Smartos

    OS
    Tritondatacenter
    < 20250123
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2019-5544CRITICAL9.8⚠ KEVten sam produkt

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...

CVE-2019-7609CRITICAL10.0⚠ KEVten sam produkt

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. A...

CVE-2019-1003030CRITICAL9.9⚠ KEVten sam produkt

A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main...