rsync-3.1.3-21.el8_10
エラータID: AXSA:2025-9746:06
リリース日:
2025/03/13 Thursday - 21:31
題名:
rsync-3.1.3-21.el8_10
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- rsync には、シンボリックリンクに対するチェック処理が欠落している
ため、リモートの攻撃者により、クライアントが意図したディレクトリ外の
ファイルへの不正な書き込みを可能とする脆弱性が存在します。
(CVE-2024-12087)
- rsync には、シンボリックリンク先に別のシンボリックリンクが含まれて
いることを正しくチェックできない問題があるため、リモートの攻撃者に
より、”--safe-links” オプションを用いた rsync コマンドの利用を介して、
任意のファイルへの不正な書き込みを可能とする脆弱性が存在します。
(CVE-2024-12088)
- rsync には、レースコンディションに起因してシンボリックリンクの
トラバースを許容してしまう問題があるため、ローカルの攻撃者により、
特権の昇格、および情報の漏洩を可能とする脆弱性が存在します。
(CVE-2024-12747)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12747
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
追加情報:
N/A
ダウンロード:
SRPMS
- rsync-3.1.3-21.el8_10.src.rpm
MD5: 5320613df9204f372112785ee5aee511
SHA-256: 9f69828d6e48f249b14c7b9eee6b4b27ac2bd57c44213cbd6e765703806cdc84
Size: 1.10 MB
Asianux Server 8 for x86_64
- rsync-3.1.3-21.el8_10.x86_64.rpm
MD5: 19517d9abe7bc25550894a80ff06f66e
SHA-256: c24d10abbd9f905748da08c3fe954293ea75e2a314274c47d7a34677af1b75ef
Size: 409.91 kB - rsync-daemon-3.1.3-21.el8_10.noarch.rpm
MD5: c9a69d0a519cd62c144a2235da967697
SHA-256: aa70ebbdf7606969955457d85bf03fd3ff9230df9db711d0ef4b9c23faedb1b1
Size: 43.66 kB
English