Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-12085

UNKNOWN
Published 2025-01-14T17:37:16.036Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-12085. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.5
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.012
probability
of exploitation in the wild

There is a 1.2% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.778
Higher than 77.8% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Description

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

Available Exploits

No exploits available for this CVE.

Related News

CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published

A set of high-risk vulnerabilities has been disclosed in Rsync, the widely used file synchronization and data transfer The post CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published appeared first on Cybersecurity News.

SecurityOnline.info 2025-02-26 02:33
Read More

Affected Products

Unknown Vendor

Unknown Product

Affected Versions:

0
Red Hat

Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION

Affected Versions:

0:3.0.6-12.el6_10.1
Red Hat

Red Hat Enterprise Linux 7 Extended Lifecycle Support

Affected Versions:

0:3.1.2-12.el7_9.1
Red Hat

Red Hat Enterprise Linux 8

Affected Versions:

0:3.1.3-20.el8_10
Red Hat

Red Hat Enterprise Linux 8.2 Advanced Update Support

Affected Versions:

0:3.1.3-7.el8_2.3
Red Hat

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support

Affected Versions:

0:3.1.3-12.el8_4.3
Red Hat

Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Affected Versions:

0:3.1.3-12.el8_4.3
Red Hat

Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Affected Versions:

0:3.1.3-12.el8_4.3
Red Hat

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support

Affected Versions:

0:3.1.3-14.el8_6.6
Red Hat

Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Affected Versions:

0:3.1.3-14.el8_6.6
Red Hat

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions

Affected Versions:

0:3.1.3-14.el8_6.6
Red Hat

Red Hat Enterprise Linux 8.8 Extended Update Support

Affected Versions:

0:3.1.3-20.el8_8.1
Red Hat

Red Hat Enterprise Linux 9

Affected Versions:

0:3.2.3-20.el9_5.1
Red Hat

Red Hat Enterprise Linux 9

Affected Versions:

0:3.2.3-20.el9_5.1
Red Hat

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Affected Versions:

0:3.2.3-9.el9_0.3
Red Hat

Red Hat Enterprise Linux 9.2 Extended Update Support

Affected Versions:

0:3.2.3-19.el9_2.1
Red Hat

Red Hat Enterprise Linux 9.4 Extended Update Support

Affected Versions:

0:3.2.3-19.el9_4.1
Red Hat

Red Hat OpenShift Container Platform 4.12

Affected Versions:

412.86.202502100314-0
Red Hat

Red Hat OpenShift Container Platform 4.13

Affected Versions:

413.92.202503112237-0
Red Hat

Red Hat OpenShift Container Platform 4.14

Affected Versions:

414.92.202502111902-0
Red Hat

Red Hat OpenShift Container Platform 4.15

Affected Versions:

415.92.202501281917-0
Red Hat

Red Hat OpenShift Container Platform 4.16

Affected Versions:

v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9
Red Hat

Red Hat OpenShift Container Platform 4.16

Affected Versions:

v4.16.0-202501311933.p0.g4246d04.assembly.stream.el9
Red Hat

Red Hat OpenShift Container Platform 4.16

Affected Versions:

v4.16.0-202501311605.p0.g4246d04.assembly.stream.el9
Red Hat

Red Hat OpenShift Container Platform 4.17

Affected Versions:

417.94.202502051822-0
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-22
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-10
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v6.8.1-454
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-17
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v1.0.0-537
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-4
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.4.0-339
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-4
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v1.1.0-320
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.1-552
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v3.3.2-9
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-5
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-12
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.17-5
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.1.0-725
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.1.0-342
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.28.1-88
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v5.9.11-25
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v5.9.11-11
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v0.4.0-340
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v5.9.11-5
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v1.1.0-321
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v3.3.2-8
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v5.9.11-6
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v5.9.11-9
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v5.9.11-4
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v0.1.0-724
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v0.1.0-341
Red Hat

RHOL-5.9-RHEL-9

Affected Versions:

v0.34.1-30
Red Hat

Red Hat Enterprise Linux 10

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

Malicious code in bioql (PyPI)

Affected Products (ENISA)

red hat
red hat openshift container platform 4.15

ENISA Scoring

CVSS Score (3.1)

7.5
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

9.660
probability

ENISA References

https://access.redhat.com/errata/RHSA-2025:0324
https://access.redhat.com/errata/RHSA-2025:0325
https://access.redhat.com/errata/RHSA-2025:0637
https://access.redhat.com/errata/RHSA-2025:0688
https://access.redhat.com/errata/RHSA-2025:0714
https://access.redhat.com/errata/RHSA-2025:0774
https://access.redhat.com/errata/RHSA-2025:0787
https://access.redhat.com/errata/RHSA-2025:0790
https://access.redhat.com/errata/RHSA-2025:0849
https://access.redhat.com/errata/RHSA-2025:0884
https://access.redhat.com/errata/RHSA-2025:0885
https://access.redhat.com/errata/RHSA-2025:1120
https://access.redhat.com/errata/RHSA-2025:1123
https://access.redhat.com/errata/RHSA-2025:1128
https://access.redhat.com/errata/RHSA-2025:1225
https://access.redhat.com/errata/RHSA-2025:1227
https://access.redhat.com/errata/RHSA-2025:1242
https://access.redhat.com/security/cve/CVE-2024-12085
https://bugzilla.redhat.com/show_bug.cgi?id=2330539
https://kb.cert.org/vuls/id/952657
https://nvd.nist.gov/vuln/detail/CVE-2024-12085
https://access.redhat.com/errata/RHSA-2025:1451
https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj
https://access.redhat.com/errata/RHSA-2025:2701

Data provided by ENISA EU Vulnerability Database. Last updated: October 3, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-xh5q-pch5-g3xq

Advisory Details

A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References

WEB https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-12085
WEB https://kb.cert.org/vuls/id/952657
WEB https://bugzilla.redhat.com/show_bug.cgi?id=2330539
WEB https://access.redhat.com/security/cve/CVE-2024-12085
WEB https://access.redhat.com/errata/RHSA-2025:2701
WEB https://access.redhat.com/errata/RHSA-2025:1451
WEB https://access.redhat.com/errata/RHSA-2025:1242
WEB https://access.redhat.com/errata/RHSA-2025:1227
WEB https://access.redhat.com/errata/RHSA-2025:1225
WEB https://access.redhat.com/errata/RHSA-2025:1128
WEB https://access.redhat.com/errata/RHSA-2025:1123
WEB https://access.redhat.com/errata/RHSA-2025:1120
WEB https://access.redhat.com/errata/RHSA-2025:0885
WEB https://access.redhat.com/errata/RHSA-2025:0884
WEB https://access.redhat.com/errata/RHSA-2025:0849
WEB https://access.redhat.com/errata/RHSA-2025:0790
WEB https://access.redhat.com/errata/RHSA-2025:0787
WEB https://access.redhat.com/errata/RHSA-2025:0774
WEB https://access.redhat.com/errata/RHSA-2025:0714
WEB https://access.redhat.com/errata/RHSA-2025:0688
WEB https://access.redhat.com/errata/RHSA-2025:0637
WEB https://access.redhat.com/errata/RHSA-2025:0325
WEB https://access.redhat.com/errata/RHSA-2025:0324

Advisory provided by GitHub Security Advisory Database. Published: January 14, 2025, Modified: March 20, 2025

References

https://access.redhat.com/errata/RHSA-2025:0324
https://access.redhat.com/errata/RHSA-2025:0325
https://access.redhat.com/errata/RHSA-2025:0637
https://access.redhat.com/errata/RHSA-2025:0688
https://access.redhat.com/errata/RHSA-2025:0714
https://access.redhat.com/errata/RHSA-2025:0774
https://access.redhat.com/errata/RHSA-2025:0787
https://access.redhat.com/errata/RHSA-2025:0790
https://access.redhat.com/errata/RHSA-2025:0849
https://access.redhat.com/errata/RHSA-2025:0884
https://access.redhat.com/errata/RHSA-2025:0885
https://access.redhat.com/errata/RHSA-2025:1120
https://access.redhat.com/errata/RHSA-2025:1123
https://access.redhat.com/errata/RHSA-2025:1128
https://access.redhat.com/errata/RHSA-2025:1225
https://access.redhat.com/errata/RHSA-2025:1227
https://access.redhat.com/errata/RHSA-2025:1242
https://access.redhat.com/errata/RHSA-2025:1451
https://access.redhat.com/errata/RHSA-2025:2701
https://access.redhat.com/security/cve/CVE-2024-12085
https://bugzilla.redhat.com/show_bug.cgi?id=2330539
https://kb.cert.org/vuls/id/952657
Published: 2025-01-14T17:37:16.036Z
Last Modified: 2025-09-25T16:28:33.745Z
Copied to clipboard!