Description
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Exploits (1)
References (28)
Scores
CVSS v3: 7.5
EPSS: 0.1914
EPSS Percentile: 95.4%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: partial
Details
CWE: CWE-908
Status: published
Products (50)
almalinux/almalinux: 8.0
almalinux/almalinux: 9.0
almalinux/almalinux: 10.0
archlinux/arch_linux
gentoo/linux
nixos/nixos: < 24.11
Red Hat/Compliance Operator 1: sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498
Red Hat/OpenShift Compliance Operator 1: sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498
Red Hat/Red Hat Enterprise Linux 10: 0:3.4.1-2.el10
Red Hat/Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION: 0:3.0.6-12.el6_10.1
... and 40 more
Published: Jan 14, 2025
Tracked Since: Feb 18, 2026