Astra Linux – Vulnerability in rsync
A heap-based buffer overflow flaw was discovered in the rsync daemon. This issue arises due to improper handling of the attacker-controlled checksum length (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write data beyond the buffer’s limit...
AZL-55691 CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer...