{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12747", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-12-18T06:49:21.481Z", "datePublished": "2025-01-14T17:39:16.031Z", "dateUpdated": "2025-10-08T15:36:29.030Z"}, "containers": {"cna": {"title": "Rsync: race condition in rsync handling symbolic links", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation."}], "affected": [{"versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.3.0"}], "packageName": "rsync", "collectionURL": "https://github.com/RsyncProject/rsync", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rsync", "defaultStatus": "affected", "versions": [{"version": "0:3.1.3-21.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:enterprise_linux:8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rsync", "defaultStatus": "affected", "versions": [{"version": "0:3.2.5-3.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rsync", "defaultStatus": "affected", "versions": [{"version": "0:3.2.5-3.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Discovery 1.14", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "discovery/discovery-ui-rhel9", "defaultStatus": "affected", "versions": [{"version": "sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:discovery:1.14::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rsync", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rsync", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rsync", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:openshift:4"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:2600", "name": "RHSA-2025:2600", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:7050", "name": "RHSA-2025:7050", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:8385", "name": "RHSA-2025:8385", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-12747", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2332968", "name": "RHBZ#2332968", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://kb.cert.org/vuls/id/952657"}], "datePublic": "2025-01-14T15:06:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-362", "description": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2024-12-18T07:12:52.493000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-01-14T15:06:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Aleksei Gorban \"loqpa\" for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-10-08T15:36:29.030Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-14T18:38:10.199669Z", "id": "CVE-2024-12747", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-14T18:38:36.602Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12747", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-14T18:38:10.199669Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-14T18:38:14.932Z"}}], "cna": {"title": "Rsync: race condition in rsync handling symbolic links", "credits": [{"lang": "en", "value": "Red Hat would like to thank Aleksei Gorban \"loqpa\" for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.3.0"}], "packageName": "rsync", "collectionURL": "https://github.com/RsyncProject/rsync", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:3.1.3-21.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "rsync", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:3.2.5-3.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "rsync", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:3.2.5-3.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "rsync", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:discovery:1.14::el9"], "vendor": "Red Hat", "product": "Red Hat Discovery 1.14", "versions": [{"status": "unaffected", "version": "sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e", "lessThan": "*", "versionType": "rpm"}], "packageName": "discovery/discovery-ui-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "rsync", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "rsync", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "rsync", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/a:redhat:openshift:4"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2024-12-18T07:12:52.493000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-01-14T15:06:00+00:00", "value": "Made public."}], "datePublic": "2025-01-14T15:06:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:2600", "name": "RHSA-2025:2600", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:7050", "name": "RHSA-2025:7050", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:8385", "name": "RHSA-2025:8385", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-12747", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2332968", "name": "RHBZ#2332968", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://kb.cert.org/vuls/id/952657"}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "descriptions": [{"lang": "en", "value": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-362", "description": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-10-08T15:36:29.030Z"}, "x_redhatCweChain": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}}, "cveMetadata": {"cveId": "CVE-2024-12747", "state": "PUBLISHED", "dateUpdated": "2025-10-08T15:36:29.030Z", "dateReserved": "2024-12-18T06:49:21.481Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-01-14T17:39:16.031Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en rsync. Esta vulnerabilidad surge de una condici\u00f3n de ejecuci\u00f3n durante la gesti\u00f3n de enlaces simb\u00f3licos por parte de rsync. El comportamiento predeterminado de rsync cuando encuentra enlaces simb\u00f3licos es omitirlos. Si un atacante reemplazaba un archivo normal con un enlace simb\u00f3lico en el momento adecuado, era posible omitir el comportamiento predeterminado y atravesar los enlaces simb\u00f3licos. Seg\u00fan los privilegios del proceso rsync, un atacante podr\u00eda filtrar informaci\u00f3n confidencial, lo que podr\u00eda llevar a una escalada de privilegios."}], "id": "CVE-2024-12747", "lastModified": "2025-06-02T15:15:27.937", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 4.0, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2025-01-14T18:15:25.830", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:2600"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:7050"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:8385"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2024-12747"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2332968"}, {"source": "secalert@redhat.com", "url": "https://kb.cert.org/vuls/id/952657"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Aleksei Gorban \"loqpa\" for reporting this issue.", "affected_release": [{"advisory": "RHSA-2025:2600", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "rsync-0:3.1.3-21.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-03-11T00:00:00Z"}, {"advisory": "RHSA-2025:7050", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "rsync-0:3.2.5-3.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:7050", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "rsync-0:3.2.5-3.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:8385", "cpe": "cpe:/a:redhat:discovery:1.14::el9", "package": "registry.redhat.io/discovery/discovery-ui-rhel9:sha256:492e412759cf0eedfa5b557f7b0865f8864f84d0ed75e11dc8d7a840837d9644", "product_name": "Red Hat Discovery 1.14", "release_date": "2025-06-02T00:00:00Z"}], "bugzilla": {"description": "rsync: Race Condition in rsync Handling Symbolic Links", "id": "2332968", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2332968"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.6", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-362", "details": ["A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.", "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-12747", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rsync", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "rsync", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "rsync", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2025-01-14T15:06:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-12747\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-12747\nhttps://kb.cert.org/vuls/id/952657"], "statement": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. The environment leverages malicious code protections such as IPS/IDS and antimalware solutions that detect and respond to indicators in real time, limiting the impact of exploitation attempts. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation and automated orchestration via Kubernetes minimize the likelihood of concurrent execution scenarios that would trigger the race condition and help contain the impact to a single process.", "threat_severity": "Moderate"}