Exploit for Heap-based Buffer Overflow in Samba Rsync

CVE-2024-120...

TencentOS Server 4: rsync (TSSA-2025:0040)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0040 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Advisory ROSA-SA-2025-2976

Software: rsync 3.4.1 OS: ROSA-CHROME unaffected versions = rsync-3.4.1-1 affected versions rsync-3.4.1-1 CVE-ID: CVE-2024-12084 BDU-ID: 2025-00378 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation...

Azure Linux 3.0 Security Update: rsync (CVE-2024-12084)

The version of rsync installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12084 advisory. - A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of...

CBL Mariner 2.0 Security Update: rsync (CVE-2024-12084)

The version of rsync installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12084 advisory. - A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of...

Mageia: Security Advisory (MGASA-2025-0019)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 4.0: Rsync PHSA-2025-4.0-0735

An update of the rsync package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0735. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

OESA-2025-1064 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

Ubuntu: Security Advisory (USN-7206-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1

CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1

CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1. An upgraded version of the package is available that resolves this issue...

Fedora 40 : rsync (2025-73c1f25730)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-73c1f25730 advisory. New version 3.4.0. Contains fixes for CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747. Tenable has...

openSUSE: Security Advisory for rsync (SUSE-SU-2025:0118-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-55691 CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

CVE-2024-12084

CVE-2024-12084: Rsync daemon heap-based buffer overflow caused by improper handling of attacker-controlled checksum lengths (s2length). When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an out-of-bounds write to sum2 is possible. Public advisories confirm this bug affects rsync version...

Ubuntu: Security Advisory (USN-7206-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5843-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...