CVE-2024-12085

HIGH

rsync < 3.3.0 - Information Disclosure via Checksum Length Manipulation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-12085. PoCs published by Otsutez.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2024-12085, an information leak vulnerability in rsync. The exploit leverages hardcoded checksums and a crafted payload to leak memory contents from the target rsync server.

Description

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

Exploits (1)

nomisec WORKING POC

by Otsutez · poc

https://github.com/Otsutez/cve-2024-12085

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2024-12085, an information leak vulnerability in rsync. The exploit leverages hardcoded checksums and a crafted payload to leak memory contents from the target rsync server.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: rsync (version not explicitly specified)

No auth needed

Prerequisites: Network access to the target rsync server · Target rsync server running a vulnerable version

MITRE ATT&CK

T1005 - Data from Local System

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (28)

Core 28

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html

Third Party Advisory

https://kb.cert.org/vuls/id/952657

Exploit, Third Party Advisory

https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj

Vendor Advisory

https://security.netapp.com/advisory/ntap-20250131-0002/

Third Party Advisory, US Government Resource

https://www.kb.cert.org/vuls/id/952657

Vendor Advisory vendor-advisory x_refsource_redhat

RHBA-2025:6470

https://access.redhat.com/errata/RHBA-2025:6470

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0324

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0325

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0637

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0688

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0714

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0774

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0787

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0790

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0849

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0884

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:0885

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:1120

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:1123

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:1128

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:1225

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:1227

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:1242

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:1451

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:21885

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:2701

Third Party Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2024-12085

Issue Tracking, Third Party Advisory issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2330539

Scores

CVSS v3 7.5

EPSS 0.0935

EPSS Percentile 94.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-908

Status published

Products (50)

almalinux/almalinux 8.0

almalinux/almalinux 9.0

almalinux/almalinux 10.0

archlinux/arch_linux

gentoo/linux

nixos/nixos < 24.11

Red Hat/Compliance Operator 1 sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498

Red Hat/OpenShift Compliance Operator 1 sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498

Red Hat/Red Hat Enterprise Linux 10 0:3.4.1-2.el10

Red Hat/Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION 0:3.0.6-12.el6_10.1

... and 40 more

Published Jan 14, 2025

Tracked Since Feb 18, 2026