Nixpkgs security tracker
Permalink
CVE-2024-12084
9.8 CRITICAL
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
by @fricklerhandwerk Activity log
- Created suggestion
- @LeSuisse accepted
- @fricklerhandwerk added maintainer @fricklerhandwerk maintainer.add
-
@fricklerhandwerk
deleted
maintainer.delete
2 maintainers
- @fricklerhandwerk
- @ehmry
- @fricklerhandwerk ignored package rsync
- @fricklerhandwerk restored package rsync
- @fricklerhandwerk added maintainer @fricklerhandwerk maintainer.add
Rsync: heap buffer overflow in rsync due to improper checksum length handling
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
References
Affected products
rhcos
rsync
- *
- ==3.2.7
- ==3.3.0
Package maintainers
-
@ivan Ivan Kozik <ivan@ludios.org>
-
@kampfschlaefer Arnold Krille <arnold@arnoldarts.de>
Ignored maintainers (1)
-
@ehmry Emery Hemingway <ehmry@posteo.net>
Additional maintainers
-
@fricklerhandwerk Valentin Gagarin <valentin@fricklerhandwerk.de>