CVE-2024-12086

Description

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.

CVSS v3.1 Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

Weakness Type (CWE)

CWE-390 CWE-390

Affected Products

Vendor	Product	Versions
samba	rsync	< 3.3.0
redhat	openshift_container_platform	All
redhat	enterprise_linux	All
redhat	enterprise_linux	All
redhat	enterprise_linux	All
redhat	enterprise_linux	All
redhat	enterprise_linux	All
almalinux	almalinux	All
almalinux	almalinux	All
almalinux	almalinux	All
archlinux	arch_linux	All
gentoo	linux	All
nixos	nixos	< 24.11
suse	suse_linux	All
tritondatacenter	smartos	< 20250123

References

Exploits

https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj

Other References

https://access.redhat.com/errata/RHBA-2025:6470 https://access.redhat.com/security/cve/CVE-2024-12086 https://bugzilla.redhat.com/show_bug.cgi?id=2330577 https://kb.cert.org/vuls/id/952657 https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html https://security.netapp.com/advisory/ntap-20250131-0002/ https://www.kb.cert.org/vuls/id/952657

Frequently Asked Questions

What is CVE-2024-12086? +

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client. It has a CVSS v3.1 base score of 6.1 (MEDIUM).

How severe is CVE-2024-12086? +

CVE-2024-12086 has a CVSS v3.1 score of 6.1 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.

What products are affected by CVE-2024-12086? +

CVE-2024-12086 affects products from almalinux, archlinux, gentoo, nixos, redhat, samba, suse, tritondatacenter, specifically: almalinux, arch_linux, enterprise_linux, linux, nixos, openshift_container_platform, rsync, smartos, suse_linux. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-12086? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-46367 7.8

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A …

CVE-2024-49841 7.8

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

CVE-2024-27919 7.5

Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, theEnvoy HTTP/2 protocol stack is vulnerable …

CVE-2025-26465 6.8

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a …

CVE-2025-27039 6.6

Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.

CVE-2025-25204 6.3

`gh` is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a …