{"id":"USN-7206-4","summary":"rsync regression","details":"USN-7206-3 fixed vulnerabilities in rsync for Ubuntu 24.10. The update \nintroduced a regression in rsync. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\n Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync\n did not properly handle checksum lengths. An attacker could use this\n issue to execute arbitrary code. (CVE-2024-12084)\n \n Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync\n compared checksums with uninitialized memory. An attacker could exploit\n this issue to leak sensitive information. (CVE-2024-12085)\n \n Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync\n incorrectly handled file checksums. A malicious server could use this\n to expose arbitrary client files. (CVE-2024-12086)\n \n Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync\n mishandled symlinks for some settings. An attacker could exploit this\n to write files outside the intended directory. (CVE-2024-12087)\n \n Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync\n failed to verify symbolic link destinations for some settings. An\n attacker could exploit this for path traversal attacks. (CVE-2024-12088)\n \n Aleksei Gorban discovered a race condition in rsync's handling of\n symbolic links. An attacker could use this to access sensitive\n information or escalate privileges. (CVE-2024-12747)\n","modified":"2025-02-10T09:41:15.766433Z","published":"2025-02-10T09:41:15.766433Z","references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7206-4"},{"type":"REPORT","url":"https://launchpad.net/bugs/2096914"}],"affected":[{"package":{"name":"rsync","ecosystem":"Ubuntu:24.10","purl":"pkg:deb/ubuntu/rsync@3.3.0-1ubuntu0.2?arch=source&distro=oracular"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3.0-1ubuntu0.2"}]}],"versions":["3.2.7-1ubuntu1","3.3.0-1","3.3.0-1ubuntu0.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"rsync","binary_version":"3.3.0-1ubuntu0.2"},{"binary_name":"rsync-dbgsym","binary_version":"3.3.0-1ubuntu0.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7206-4.json"}}],"schema_version":"1.7.3"}