CVE-2024-12084
CVE Information
CVE ID
CVE-2024-12084
Severity
CRITICAL
CVSS 9.8
Publish Date
2025-01-15
Description
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
Collection Date
2026-01-13
Impact Summary
Affected Hosts
3
Related Incidents
0
Related Alerts
0
Affected Hosts (3)
| Hostname | OS Type | Severity | Total CVEs |
|---|---|---|---|
| inbridge-42 | LINUX | CRITICAL | 142 |
| in-bridge-40 | LINUX | CRITICAL | 392 |
| inbridge-ubt-24 | LINUX | CRITICAL | 2364 |