rsync-3.2.5-3.el9

Errata ID: AXSA:2025-10080:08

Release date: 
Friday, June 27, 2025 - 18:49
Subject: 
rsync-3.2.5-3.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The rsync utility enables users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync sends only the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.

Security Fix(es):

* rsync: Path traversal vulnerability in rsync (CVE-2024-12087)
* rsync: --safe-links option bypass leads to path traversal (CVE-2024-12088)
* rsync: Race Condition in rsync Handling Symbolic Links (CVE-2024-12747)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the MIRACLE LINUX 9 Release Notes linked from the References section.

CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, which is enabled by default for many client options and can be enabled by the server even if the client does not explicitly enable it. When `--inc-recursive` is in use, a lack of proper symlink verification, coupled with deduplication checks that occur on a per-file-list basis, could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12747
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
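
The symlink-within-a-symlink-destination case described for CVE-2024-12088 can be checked for on an already-synced destination tree. The following is an added example, not part of the advisory and not rsync's code: it lists symlinks that resolve outside the tree and marks which of them a text-only target check (a simplified model, assumed here for illustration) would not have caught. The directory layout and all names are constructed.

```python
import os
import tempfile

def _outside(root, path):
    return os.path.commonpath([root, path]) != root

def lexical_escape(root, link_path, target):
    """Text-only check (simplified assumption): collapse '..' without
    consulting the filesystem, then test whether the result leaves root."""
    if os.path.isabs(target):
        return True
    joined = os.path.normpath(os.path.join(os.path.dirname(link_path), target))
    return _outside(root, joined)

def audit_tree(root):
    """Return (link, target, caught_by_text_check) for every symlink under
    root whose fully resolved target lies outside root."""
    root = os.path.realpath(root)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            target = os.readlink(path)
            # realpath follows every symlink component, including ones
            # that sit in the middle of the target path.
            if _outside(root, os.path.realpath(path)):
                findings.append((os.path.relpath(path, root), target,
                                 lexical_escape(root, path, target)))
    return sorted(findings)

def build_sample(base):
    """Constructed sample tree; dest/ plays the sync destination."""
    dest = os.path.join(base, "dest")
    os.makedirs(os.path.join(dest, "a"))
    open(os.path.join(base, "outside.txt"), "w").close()
    os.symlink("a", os.path.join(dest, "ok"))                  # stays inside
    os.symlink("..", os.path.join(dest, "a", "up"))            # resolves to dest
    os.symlink("../outside.txt", os.path.join(dest, "plain"))  # textually visible
    os.symlink("a/up/../outside.txt", os.path.join(dest, "leak"))  # via 'up'
    return dest

def demo():
    with tempfile.TemporaryDirectory() as base:
        return audit_tree(build_sample(base))

if __name__ == "__main__":
    for link, target, caught in demo():
        print(f"{link} -> {target}  text-check-catches={caught}")
```

Entries reported with `text-check-catches=False` are the ones that only a filesystem-aware resolution identifies.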

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. rsync-3.2.5-3.el9.src.rpm
    MD5: ad603bf64658725013276e88f855ec65
    SHA-256: 76758091f80569885e35d116a6e6542083328248a13881966098ad1715a28175
    Size: 1.25 MB

Asianux Server 9 for x86_64
  1. rsync-3.2.5-3.el9.x86_64.rpm
    MD5: 30cb769d19a291ec92fed6141afa0d75
    SHA-256: 6071731fb1dc80be9002f4750d5ea4e2b7b91ec07c507d6b5c51261c03b0293e
    Size: 410.61 kB
  2. rsync-daemon-3.2.5-3.el9.noarch.rpm
    MD5: d195a80c286ebc4b2c30d848a84dd4b1
    SHA-256: 53790c09b1f4a62816d0df6b16977a82ff5b061c0cae0895ea90aeeb02fbf984
    Size: 9.04 kB
  3. rsync-rrsync-3.2.5-3.el9.noarch.rpm
    MD5: 3324d4f1bdac8695bdb2f675d95ca8fa
    SHA-256: 1abda2df331abdc58c6a734c660c023d1e5c48dfe04e68b775491bcb0a164311
    Size: 14.20 kB