View all vulnerabilities

CVE-2024-12084

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
Score Vector
Affected Versions
rsync < 3.4.0-r0; rsync < 3.4.0-r0; rsync < 3.4.0-r0; rsync < 3.4.0-r0; rsync < 3.4.0-r0; rsync < 3.2.3-4+deb11u2; rsync < 3.2.7-1+deb12u1; rsync < 3.3.0+ds1-3; rsync < 3.3.0+ds1-3; unknown < 6c8ca91c731b7bf2b081694bda85b7dadc2b7aff
Severity
Ecosystem
APK
Publish Date
January 14, 2025
Modified Date
August 12, 2025