CVE-2024-12747: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
AI Analysis
Technical Summary
This vulnerability arises from a race condition in rsync's handling of symbolic links. Rsync's default behavior is to skip symbolic links, but if an attacker replaces a regular file with a symbolic link at the right time, it can bypass this behavior and traverse symbolic links. This can lead to leakage of sensitive information or privilege escalation depending on the privileges of the rsync process. The issue affects multiple architectures of Red Hat Enterprise Linux 8 and 10. Red Hat has issued official security advisories and patches to fix this vulnerability as part of broader rsync updates addressing multiple CVEs including CVE-2024-12747.
Potential Impact
The vulnerability allows an attacker with local access to exploit a race condition to bypass rsync's default symbolic link skipping behavior. This can lead to unauthorized traversal of symbolic links, potentially leaking sensitive information or enabling privilege escalation depending on the rsync process privileges. The CVSS score of 5.6 indicates moderate severity with high impact on confidentiality but no impact on integrity or availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Official patches are available from Red Hat for Red Hat Enterprise Linux versions 8 and 10. Users should apply the security updates as described in the Red Hat advisories RHSA-2025:2600 and RHBA-2025:6470. The advisories provide updated rsync packages that fix the race condition vulnerability. No additional mitigations are required beyond applying these official fixes.
CVE-2024-12747: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Description
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability arises from a race condition in rsync's handling of symbolic links. Rsync's default behavior is to skip symbolic links, but if an attacker replaces a regular file with a symbolic link at the right time, it can bypass this behavior and traverse symbolic links. This can lead to leakage of sensitive information or privilege escalation depending on the privileges of the rsync process. The issue affects multiple architectures of Red Hat Enterprise Linux 8 and 10. Red Hat has issued official security advisories and patches to fix this vulnerability as part of broader rsync updates addressing multiple CVEs including CVE-2024-12747.
Potential Impact
The vulnerability allows an attacker with local access to exploit a race condition to bypass rsync's default symbolic link skipping behavior. This can lead to unauthorized traversal of symbolic links, potentially leaking sensitive information or enabling privilege escalation depending on the rsync process privileges. The CVSS score of 5.6 indicates moderate severity with high impact on confidentiality but no impact on integrity or availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Official patches are available from Red Hat for Red Hat Enterprise Linux versions 8 and 10. Users should apply the security updates as described in the Red Hat advisories RHSA-2025:2600 and RHBA-2025:6470. The advisories provide updated rsync packages that fix the race condition vulnerability. No additional mitigations are required beyond applying these official fixes.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- redhat
- Date Reserved
- 2024-12-18T06:49:21.481Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682d9816c4522896dcbd66b6
Added to database: 5/21/2025, 9:08:38 AM
Last enriched: 4/15/2026, 11:23:37 AM
Last updated: 5/8/2026, 6:50:24 PM
Views: 77
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.