rsync-3.2.5-3.el9
Errata ID: AXSA:2025-10080:08
Release date:
2025/06/27 Friday - 18:49
Title:
rsync-3.2.5-3.el9
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- rsync lacks a check on symbolic links, which allows a remote attacker to write to files outside the directory the client intended. (CVE-2024-12087)
- rsync fails to correctly check whether the target of a symbolic link itself contains another symbolic link, which allows a remote attacker to write to arbitrary files when the rsync command is used with the "--safe-links" option. (CVE-2024-12088)
- rsync permits symbolic link traversal because of a race condition, which allows a local attacker to escalate privileges and leak information. (CVE-2024-12747)
Solution:
Update the package.
CVE:
CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12747
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
Additional information:
N/A
Downloads:
SRPMS
- rsync-3.2.5-3.el9.src.rpm
MD5: ad603bf64658725013276e88f855ec65
SHA-256: 76758091f80569885e35d116a6e6542083328248a13881966098ad1715a28175
Size: 1.25 MB
Asianux Server 9 for x86_64
- rsync-3.2.5-3.el9.x86_64.rpm
MD5: 30cb769d19a291ec92fed6141afa0d75
SHA-256: 6071731fb1dc80be9002f4750d5ea4e2b7b91ec07c507d6b5c51261c03b0293e
Size: 410.61 kB
- rsync-daemon-3.2.5-3.el9.noarch.rpm
MD5: d195a80c286ebc4b2c30d848a84dd4b1
SHA-256: 53790c09b1f4a62816d0df6b16977a82ff5b061c0cae0895ea90aeeb02fbf984
Size: 9.04 kB
- rsync-rrsync-3.2.5-3.el9.noarch.rpm
MD5: 3324d4f1bdac8695bdb2f675d95ca8fa
SHA-256: 1abda2df331abdc58c6a734c660c023d1e5c48dfe04e68b775491bcb0a164311
Size: 14.20 kB
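As an added example that is not part of this advisory, the following POSIX shell script checks whether the installed rsync is at or above the fixed build 3.2.5-3.el9 and verifies a downloaded RPM against the SHA-256 listed above. It assumes GNU coreutils (sort -V, sha256sum) and, for the package query, an RPM-based host; the sort -V ordering is an approximation of RPM version comparison, and rpmdev-vercmp is the authoritative tool where it is installed.

```shell
#!/bin/sh
# Added example (not part of the advisory): check the installed rsync against
# the fixed build from this errata and verify a downloaded RPM's SHA-256.

FIXED_VR="3.2.5-3.el9"   # fixed VERSION-RELEASE from this advisory

# Return 0 when "$1" (a VERSION-RELEASE string) is >= the fixed build.
# Assumption: GNU 'sort -V' orders EL version-release strings adequately;
# rpmdev-vercmp from rpmdevtools is the authoritative comparison.
rsync_is_fixed() {
    highest=$(printf '%s\n%s\n' "$1" "$FIXED_VR" | sort -V | tail -n 1)
    [ "$highest" = "$1" ]
}

# Print the installed rsync VERSION-RELEASE (only meaningful on an RPM host).
installed_rsync_vr() {
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' rsync 2>/dev/null
}

# Return 0 when file "$1" has the SHA-256 digest "$2" (hex, as in the advisory).
verify_sha256() {
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$2" ]
}

# Stand-alone usage: query the package only where rpm exists.
if command -v rpm >/dev/null 2>&1; then
    vr=$(installed_rsync_vr)
    if [ -n "$vr" ] && rsync_is_fixed "$vr"; then
        echo "rsync $vr: fixed build (>= $FIXED_VR)"
    else
        echo "rsync ${vr:-not installed}: update required (fixed in $FIXED_VR)"
    fi
fi

# Verify the x86_64 package against the digest from this advisory if it is present.
RPM_FILE="rsync-3.2.5-3.el9.x86_64.rpm"
RPM_SHA256="6071731fb1dc80be9002f4750d5ea4e2b7b91ec07c507d6b5c51261c03b0293e"
if [ -f "$RPM_FILE" ]; then
    verify_sha256 "$RPM_FILE" "$RPM_SHA256" && echo "$RPM_FILE: checksum OK" \
        || echo "$RPM_FILE: checksum MISMATCH, do not install"
fi
```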