CVE-2024-12087

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2025:2600 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:7050 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:8385 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-12087 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2330672 Issue Tracking Third Party Advisory
https://kb.cert.org/vuls/id/952657 Third Party Advisory
https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:almalinux:almalinux:8.0:-:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*

Configuration 6 (hide)

cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*

Configuration 7 (hide)

cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:*

Configuration 8 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:*
History

20 Jun 2025, 18:28

Type Values Removed Values Added
First Time Nixos nixos
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Tritondatacenter smartos
Suse
Redhat enterprise Linux
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux Eus
Redhat enterprise Linux For Power Little Endian
Archlinux
Samba
Redhat enterprise Linux Update Services For Sap Solutions
Almalinux
Redhat enterprise Linux Server Aus
Redhat enterprise Linux For Arm 64 Eus
Suse suse Linux
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Eus
Gentoo linux
Archlinux arch Linux
Almalinux almalinux
Tritondatacenter
Redhat
Redhat enterprise Linux For Arm 64
Gentoo
Nixos
Samba rsync
CWE CWE-22
CPE cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:*
cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:8.0:-:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:*
cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*
cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*
References
  • () https://access.redhat.com/errata/RHSA-2025:7050 - Third Party Advisory
  • () https://access.redhat.com/errata/RHSA-2025:8385 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2600 - () https://access.redhat.com/errata/RHSA-2025:2600 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-12087 - () https://access.redhat.com/security/cve/CVE-2024-12087 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2330672 - () https://bugzilla.redhat.com/show_bug.cgi?id=2330672 - Issue Tracking, Third Party Advisory
References () https://kb.cert.org/vuls/id/952657 - () https://kb.cert.org/vuls/id/952657 - Third Party Advisory
References () https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj - () https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj - Exploit, Third Party Advisory

11 Mar 2025, 04:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:2600 -

26 Feb 2025, 15:15

Type Values Removed Values Added
References
  • () https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj -
Summary
  • (es) Existe una vulnerabilidad Path Traversal en rsync. Se origina en un comportamiento habilitado por la opción `--inc-recursive`, una opción habilitada de manera predeterminada para muchas opciones de cliente y que puede ser habilitada por el servidor incluso si no está habilitada explícitamente por el cliente. Al usar la opción `--inc-recursive`, la falta de una verificación de enlace simbólico adecuada junto con las comprobaciones de deduplicación que se realizan en una lista de archivos por archivo podría permitir que un servidor escriba archivos fuera del directorio de destino previsto del cliente. Un servidor malintencionado podría escribir archivos malintencionados en ubicaciones arbitrarias con nombres de directorios/rutas válidos en el cliente.

14 Jan 2025, 22:15

Type Values Removed Values Added
References
  • () https://kb.cert.org/vuls/id/952657 -

14 Jan 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-01-14 18:15

Updated : 2025-06-20 18:28

NVD link : CVE-2024-12087

Mitre link : CVE-2024-12087

CVE.ORG link : CVE-2024-12087

JSON object : View

Products Affected

tritondatacenter

  • smartos

redhat

  • enterprise_linux_for_arm_64
  • enterprise_linux_for_ibm_z_systems_eus
  • enterprise_linux
  • enterprise_linux_server_aus
  • enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
  • enterprise_linux_update_services_for_sap_solutions
  • enterprise_linux_eus
  • enterprise_linux_for_ibm_z_systems
  • enterprise_linux_for_power_little_endian_eus
  • enterprise_linux_for_power_little_endian
  • enterprise_linux_for_arm_64_eus

suse

  • suse_linux

archlinux

  • arch_linux

samba

  • rsync

nixos

  • nixos

almalinux

  • almalinux

gentoo

  • linux
CWE
CWE-35

Path Traversal: '.../...//'

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')