Alpine: multiple rrsync packages: security update to 3.4.0-r0

high Tenable Self-Hosted Container Security Plugin ID 424451

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, which is enabled by default for many client options and can also be enabled by the server even if the client did not explicitly request it. When `--inc-recursive` is in use, a lack of proper symlink verification, coupled with deduplication checks that occur on a per-file-list basis, could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. (CVE-2024-12087)

- A heap-based buffer overflow flaw was found in the rsync daemon. The issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. (CVE-2024-12084)

- A flaw was found in rsync that can be triggered when rsync compares file checksums. It allows an attacker to manipulate the checksum length (s2length) so that a checksum is compared against uninitialized memory, leaking one byte of uninitialized stack data at a time. (CVE-2024-12085)

- A flaw was found in rsync that could allow a server to enumerate the contents of an arbitrary file on the client's machine. The issue occurs when files are being copied from a client to a server: during this process, the rsync server sends checksums of its local data to the client for comparison, in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte by byte based on the client's responses. (CVE-2024-12086)

See Also

https://security.alpinelinux.org/vuln/CVE-2024-12084

https://security.alpinelinux.org/vuln/CVE-2024-12085

https://security.alpinelinux.org/vuln/CVE-2024-12086

https://security.alpinelinux.org/vuln/CVE-2024-12087

https://security.alpinelinux.org/vuln/CVE-2024-12088

https://security.alpinelinux.org/vuln/CVE-2024-12747

Plugin Details

Severity: High

ID: 424451

Version: Revision 1.19

Type: Local

Published: 4/4/2025

Updated: 6/29/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.46

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-12087

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2024-12088

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/14/2025

Reference Information

CVE: CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747