A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10
Affected Products
8
References
samba / rsync
| - |
| archlinux | arch_linux | - | - |
| gentoo | linux | - | - |
| nixos | nixos | 24.11 | - |
| nixos | nixos | - | - |
| novell | suse_linux | - | - |
| tritondatacenter | smartos | 20250123 | - |
| redhat | enterprise_linux | - | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact