mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-06-21 13:54:22 +02:00

Commit Graph

Author	SHA1	Message	Date
Archana Polampalli	29909c9cf6	rsync: fix CVE-2024-12084 A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. (From OE-Core rev: ad0e13912b17ca19ffbd7ea6a366f7c968517fb2) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-01-25 06:20:37 -08:00

Author

SHA1

Message

Date

Archana Polampalli

29909c9cf6

rsync: fix CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due
to improper handling of attacker-controlled checksum lengths (s2length) in the code.
When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write
out of bounds in the sum2 buffer.

(From OE-Core rev: ad0e13912b17ca19ffbd7ea6a366f7c968517fb2)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-01-25 06:20:37 -08:00

1 Commits