发布于3月6日3月6日 Members Ubuntu: (Multiple Advisories) (CVE-2024-12085): rsync vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/14/2025 Created 01/16/2025 Added 01/15/2025 Modified 02/03/2025 Description A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. Solution(s) ubuntu-pro-upgrade-rsync References https://attackerkb.com/topics/cve-2024-12085 CVE - 2024-12085 USN-7206-1 USN-7206-2 USN-7206-3
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。