CVE-2024-12086: Detection of Error Condition Without Action
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
AI Analysis
Technical Summary
The vulnerability in rsync arises during client-to-server file transfers where the server sends checksums of its local data to the client. The client compares these checksums to its files to identify data differences. An attacker controlling the rsync server can send specially crafted checksum values to the client, enabling the server to reconstruct arbitrary client file contents byte-by-byte. This flaw allows unauthorized file content enumeration on the client side. The issue has been addressed by Red Hat in updated rsync packages for Red Hat Enterprise Linux 10.
Potential Impact
An attacker with control over an rsync server can exploit this vulnerability to read arbitrary files on the client machine during a file transfer session. This compromises client confidentiality by allowing unauthorized disclosure of file contents. The vulnerability does not impact integrity or availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Red Hat has released official patches for this vulnerability in rsync packages for Red Hat Enterprise Linux 10. Users should apply the updates as described in the Red Hat advisory (RHBA-2025:6470) and the referenced article https://access.redhat.com/articles/11258. Applying these updates mitigates the vulnerability. No additional vendor-recommended mitigations are specified.
CVE-2024-12086: Detection of Error Condition Without Action
Description
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in rsync arises during client-to-server file transfers where the server sends checksums of its local data to the client. The client compares these checksums to its files to identify data differences. An attacker controlling the rsync server can send specially crafted checksum values to the client, enabling the server to reconstruct arbitrary client file contents byte-by-byte. This flaw allows unauthorized file content enumeration on the client side. The issue has been addressed by Red Hat in updated rsync packages for Red Hat Enterprise Linux 10.
Potential Impact
An attacker with control over an rsync server can exploit this vulnerability to read arbitrary files on the client machine during a file transfer session. This compromises client confidentiality by allowing unauthorized disclosure of file contents. The vulnerability does not impact integrity or availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Red Hat has released official patches for this vulnerability in rsync packages for Red Hat Enterprise Linux 10. Users should apply the updates as described in the Red Hat advisory (RHBA-2025:6470) and the referenced article https://access.redhat.com/articles/11258. Applying these updates mitigates the vulnerability. No additional vendor-recommended mitigations are specified.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- redhat
- Date Reserved
- 2024-12-03T08:57:58.397Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHBA-2025:6470","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2024-12086","vendor":"Red Hat"},{"url":"https://kb.cert.org/vuls/id/952657","vendor":"CERT"},{"url":"https://www.kb.cert.org/vuls/id/952657","vendor":"CERT"}]
Threat ID: 682d981bc4522896dcbd9dbe
Added to database: 5/21/2025, 9:08:43 AM
Last enriched: 4/24/2026, 11:13:56 PM
Last updated: 5/8/2026, 6:21:40 PM
Views: 70
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.