CVE-2024-12087: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
A path traversal vulnerability exists in rsync. It stems from behaviour enabled by the `--inc-recursive` option, which is enabled by default for many combinations of client options and which the server can turn on even when the client did not request it. When `--inc-recursive` is in use, a lack of proper symlink verification, combined with duplicate-name checks that run only within a single file list rather than across the incremental lists, allows a server to write files outside the client's intended destination directory. A malicious server could therefore write attacker-chosen files to arbitrary locations on the client that are named after valid directories or paths.
AI Analysis
Technical Summary
The flaw lies in how the rsync client handles symbolic links and duplicate-name checks when --inc-recursive is active. Incremental recursion delivers a transfer as a series of smaller file lists, and the check that would reject a name conflicting with an earlier entry only looks within the current list. A malicious server can therefore send a symlink that points outside the destination in one list and a file whose path passes through that symlink in a later list; with no symlink verification at write time, the client follows the link and writes outside its destination. Because the server can enable this mode even when the client did not ask for it, the client cannot opt out simply by omitting the option. The result is an unauthorized file write and a potential integrity compromise of the client system. The issue affects multiple architectures and versions of Red Hat Enterprise Linux; Red Hat has issued security advisories with updated rsync packages that carry the fix.
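The sequence described above, as an added illustration that is not rsync's code and not part of the original advisory: a toy receiver models the per-file-list conflict check and shows that it catches a symlink-then-write delivered in one list but not the same pair split across two lists, while a receiver that re-validates the resolved parent directory on every write rejects both. The batch format, file names, and the `receive_naive`/`receive_hardened` functions are assumptions made for the example.

```python
"""
Simplified model of the receiver-side write path behind CVE-2024-12087.
Added illustration, not rsync's code: the malicious "server" is a sequence
of file lists (incremental recursion sends many), and the "client" is a
receiver that materialises each list under a destination directory.
Every name, path and list below is constructed for the example.
"""
import os
import shutil
import tempfile


def _parents(name):
    """'a/b/c' -> ['a', 'a/b']: the directory components of a relative name."""
    parts = name.split("/")
    return ["/".join(parts[:i]) for i in range(1, len(parts))]


def receive_naive(dest, batches):
    """Vulnerable receiver.  It refuses to write through a symlink it has
    seen, but the bookkeeping is per file list, so a symlink delivered in
    list 1 is forgotten by the time list 2 writes through it."""
    written, rejected = [], []
    for batch in batches:
        links = set()  # reset for every list: this is the flaw being modelled
        for entry in batch:
            name = entry["name"]
            if any(p in links for p in _parents(name)):
                rejected.append(name)  # only catches a same-list conflict
                continue
            target = os.path.join(dest, name)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            if entry["type"] == "symlink":
                os.symlink(entry["link"], target)
                links.add(name)
            else:
                with open(target, "wb") as fh:  # follows a symlinked parent
                    fh.write(entry["data"])
                written.append(os.path.realpath(target))
    return written, rejected


def receive_hardened(dest, batches):
    """Receiver that checks, on every write regardless of list boundaries,
    that the resolved parent directory is still inside the destination, and
    opens the final component with O_NOFOLLOW.  Local-only model: a real
    receiver would use openat()/RESOLVE_BENEATH to close the check/open race."""
    real_dest = os.path.realpath(dest)
    written, rejected = [], []
    for batch in batches:
        for entry in batch:
            name = entry["name"]
            target = os.path.join(dest, name)
            parent = os.path.realpath(os.path.dirname(target))
            if os.path.commonpath([real_dest, parent]) != real_dest:
                rejected.append(name)  # parent escaped the destination
                continue
            if entry["type"] == "symlink":
                os.symlink(entry["link"], target)
            else:
                flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
                with os.fdopen(os.open(target, flags, 0o644), "wb") as fh:
                    fh.write(entry["data"])
                written.append(os.path.realpath(target))
    return written, rejected


def demo():
    """Replay the attack delivered in one list and split across two lists."""
    outside = tempfile.mkdtemp(prefix="outside-")  # stands in for e.g. ~/.ssh
    real_outside = os.path.realpath(outside)
    link = {"name": "sub", "type": "symlink", "link": outside}
    payload = {"name": "sub/owned.txt", "type": "file", "data": b"pwned\n"}
    dests = [tempfile.mkdtemp(prefix="dest-") for _ in range(3)]

    def escaped(paths):
        return [p for p in paths if p.startswith(real_outside + os.sep)]

    try:
        same_list, _ = receive_naive(dests[0], [[link, payload]])
        split_lists, _ = receive_naive(dests[1], [[link], [payload]])
        hard, hard_rejected = receive_hardened(dests[2], [[link], [payload]])
        return {
            "naive_same_list_escaped": len(escaped(same_list)),
            "naive_split_lists_escaped": len(escaped(split_lists)),
            "hardened_escaped": len(escaped(hard)),
            "hardened_rejected": hard_rejected,
        }
    finally:
        for d in dests + [outside]:
            shutil.rmtree(d, ignore_errors=True)


if __name__ == "__main__":
    print(demo())
```

The naive receiver is not wrong within a single list; the escape only appears once the conflicting entries arrive in separate lists, which is exactly what incremental recursion makes possible. The hardened variant ignores list boundaries entirely and decides per write from the filesystem state, which is the property a fix needs.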
Potential Impact
An attacker who controls or has compromised an rsync server can exploit this vulnerability against any client that syncs from it, writing files to arbitrary locations on the client outside the intended synchronization directory. Exploitation requires no interaction beyond the victim running the transfer, so a compromised mirror or a malicious rsync endpoint is sufficient. The likely outcome is an integrity violation from malicious files placed in sensitive locations. The CVSS vector records no impact on confidentiality or availability but a high impact on integrity. There are no reports of active exploitation in the wild at this time.
Mitigation Recommendations
Official patches are available from Red Hat for affected versions of Red Hat Enterprise Linux 9.4 and 10; apply them promptly. The advisories give the fixed package versions and installation instructions. Upstream, the issue is fixed in rsync 3.4.0, but Red Hat backports fixes without changing the upstream version string, so verify against the package version named in the advisory (or the CVE identifier in `rpm -q --changelog rsync`) rather than against the upstream version alone. Until the update is installed, the practical interim mitigation is to sync only from rsync servers you trust, since exploitation requires a malicious or compromised server on the other end of the transfer.
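A verification check of the kind a practitioner would run after patching, added here as an example and not part of the advisory: it parses the `rsync --version` banner, compares it with the upstream fixed release 3.4.0, and, for an older version string, looks for this CVE in the RPM changelog so that a distribution backport is not misreported as unpatched. The `assess` function, the `_run` helper and the sample command outputs are assumptions constructed for the example.

```python
"""
Added check, not from the advisory: decide whether an installed rsync is
patched for CVE-2024-12087.  Upstream fixed it in rsync 3.4.0; enterprise
distributions such as RHEL backport the fix without changing the upstream
version string, so the package changelog is consulted as a second signal.
The sample command outputs at the bottom are constructed for the example.
"""
import re
import subprocess

CVE = "CVE-2024-12087"
FIXED_UPSTREAM = (3, 4, 0)


def parse_rsync_version(version_output):
    """Extract (major, minor, patch) from `rsync --version` text."""
    m = re.search(r"rsync\s+version\s+(\d+)\.(\d+)\.(\d+)", version_output)
    if not m:
        raise ValueError("no rsync version line found")
    return tuple(int(x) for x in m.groups())


def assess(version_output, rpm_changelog=""):
    """Return (patched, reason).  A version below 3.4.0 counts as patched
    only when the distro changelog records this CVE (i.e. a backport)."""
    ver = parse_rsync_version(version_output)
    if ver >= FIXED_UPSTREAM:
        return True, "upstream %d.%d.%d is at or above 3.4.0" % ver
    if CVE in rpm_changelog:
        return True, "%d.%d.%d is below 3.4.0 but the package changelog records %s" % (ver + (CVE,))
    return False, "%d.%d.%d is below 3.4.0 and no backport of %s is recorded" % (ver + (CVE,))


def _run(cmd):
    """Run a command and return its stdout, or '' if the tool is absent."""
    try:
        return subprocess.run(cmd, capture_output=True, text=True, check=False).stdout
    except FileNotFoundError:
        return ""


# Constructed samples, shaped like the real command outputs.
SAMPLE_VERSION_OLD = "rsync  version 3.2.7  protocol version 31\nCopyright (C) ...\n"
SAMPLE_VERSION_NEW = "rsync  version 3.4.1  protocol version 32\n"
SAMPLE_CHANGELOG_BACKPORT = (
    "* Wed Jan 15 2025 Example Maintainer <maint@example.invalid> - 3.2.7-4\n"
    "- Resolves: CVE-2024-12087 path traversal with --inc-recursive\n"
)

if __name__ == "__main__":
    # On a live host the real outputs are used; otherwise the samples are.
    live_version = _run(["rsync", "--version"])
    live_changelog = _run(["rpm", "-q", "--changelog", "rsync"])
    if live_version:
        print(assess(live_version, live_changelog))
    else:
        print(assess(SAMPLE_VERSION_OLD, SAMPLE_CHANGELOG_BACKPORT))
```

On a non-RPM host the changelog lookup returns an empty string and the version comparison alone decides, which is the correct behaviour for a self-built or upstream-packaged rsync; on RHEL the changelog is what distinguishes a patched 3.2.x package from an unpatched one.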
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2024-12-03T08:58:04.170Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9816c4522896dcbd6699
Added to database: 5/21/2025, 9:08:38 AM
Last enriched: 4/15/2026, 11:23:23 AM
Last updated: 5/8/2026, 12:11:31 PM
Views: 67