Top file synchronization tool Rsync security flaws mean up to 660,000 servers possibly affected

Published: Jan 16, 2025 13:22

Security researchers have found six flaws in the popular tool. Rsync, a widely used open source file transfer and synchronization tool, has been found to carry multiple vulnerabilities that allow threat actors to carry out a range of malicious activities, including remote code execution (RCE). As a result, hundreds of thousands of endpoints are at serious risk.


The warning comes from multiple cybersecurity researchers, including those from Google Cloud, who recently discovered and reported the flaws. “Two independent groups of researchers have identified a total of 6 vulnerabilities in rsync. In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on,” a security advisory published on Openwall reads. “Upstream has prepared patches for these CVEs. These fixes will be included in rsync 3.4.0 which is to be released shortly.”


The most severe vulnerability, tracked as CVE-2024-12084, is described as a heap buffer overflow arising from improper handling of checksum lengths in the Rsync daemon. It was given a severity score of 9.8 and is said to affect versions from 3.2.7 up to, but not including, 3.4.0.
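A practical first step for administrators is to check whether the rsync build on a host falls inside the affected range the article gives for CVE-2024-12084 (3.2.7 up to, but not including, 3.4.0). The script below is an added example, not code from the article or from the rsync project; it assumes that `rsync --version` prints a first line of the form `rsync  version X.Y.Z  protocol version N`, which is how upstream rsync formats it, and the function and variable names are the example's own.

```shell
#!/bin/sh
# Added example: report whether the installed rsync is in the version range
# the advisory coverage gives for CVE-2024-12084 (3.2.7 <= version < 3.4.0).
# Assumption: `rsync --version` starts with "rsync  version X.Y.Z  protocol version N".

# vercmp A B: print -1 if A < B, 0 if equal, 1 if A > B.
# Versions are compared field by field; missing fields count as 0 (3.4 == 3.4.0).
vercmp() {
    _v1=$1; _v2=$2
    _oldifs=$IFS; IFS=.
    set -- $_v1; _a1=${1:-0}; _a2=${2:-0}; _a3=${3:-0}
    set -- $_v2; _b1=${1:-0}; _b2=${2:-0}; _b3=${3:-0}
    IFS=$_oldifs
    for _pair in "$_a1 $_b1" "$_a2 $_b2" "$_a3 $_b3"; do
        set -- $_pair
        if [ "$1" -lt "$2" ]; then echo -1; return 0; fi
        if [ "$1" -gt "$2" ]; then echo 1; return 0; fi
    done
    echo 0
}

# rsync_affected_12084 VERSION: exit 0 (true) when VERSION is in [3.2.7, 3.4.0).
rsync_affected_12084() {
    [ "$(vercmp "$1" 3.2.7)" -ge 0 ] && [ "$(vercmp "$1" 3.4.0)" -lt 0 ]
}

# rsync_version_from_output TEXT: extract "X.Y.Z" from the first line of
# `rsync --version` output (prints nothing if the line does not match).
rsync_version_from_output() {
    printf '%s\n' "$1" | sed -n '1s/^rsync *version \([0-9.]*\).*/\1/p'
}

# check_installed_rsync: print a one-line verdict for the rsync on this host.
# Always exits 0 so it can be run at the end of this script; the verdict is the output.
check_installed_rsync() {
    if ! command -v rsync >/dev/null 2>&1; then
        echo "not-installed: rsync binary not found on PATH"
        return 0
    fi
    _ver=$(rsync_version_from_output "$(rsync --version 2>/dev/null)")
    if [ -z "$_ver" ]; then
        echo "unknown: could not parse rsync --version output"
    elif rsync_affected_12084 "$_ver"; then
        echo "affected: rsync $_ver is in the CVE-2024-12084 range, upgrade to 3.4.0 or later"
    else
        echo "not-affected: rsync $_ver is outside the CVE-2024-12084 range"
    fi
    return 0
}

check_installed_rsync
```

The version check only tells you that the build number is in the vulnerable range; distributions that backport the upstream fixes without bumping the version string still report the old number, so treat an "affected" verdict as a prompt to confirm against your vendor's advisory rather than as proof of exposure.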


Other flaws are CVE-2024-12085 (information leak via uninitialized stack), CVE-2024-12086 (server leaks arbitrary client files), CVE-2024-12087 (path traversal), CVE-2024-12088 (bypass of the --safe-links option), and CVE-2024-12747 (symbolic link race condition).

