VDB
RHSA-2025%3A1128
RHSA-2025%3A1128
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-coredns-rhel9@sha256:b437e90cd9a95a1c52d3789c262282557488df39464550a0f4d16d9af8e1ab82_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-coredns-rhel9@sha256:b437e90cd9a95a1c52d3789c262282557488df39464550a0f4d16d9af8e1ab82_s390x |
| Red Hat | openshift4/ose-cluster-authentication-rhel9-operator@sha256:9149f48052c7287bebef5dd49af7074349b069bd840afe9bd7dde6e1dab4bcdc_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-cluster-authentication-rhel9-operator@sha256:9149f48052c7287bebef5dd49af7074349b069bd840afe9bd7dde6e1dab4bcdc_amd64 |
| Red Hat | openshift4/ose-aws-cluster-api-controllers-rhel9@sha256:f52a40e79a18252ebe61edf6f74c7890a1be55e2fc6dfad1e5e68accae26e44b_arm64 as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/ose-docker-builder@sha256:5aa010bd6bd623d344e9d3937ab1eea08f55ae01bf0b225f6b2c0258d705bedc_arm64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-docker-builder@sha256:5aa010bd6bd623d344e9d3937ab1eea08f55ae01bf0b225f6b2c0258d705bedc_arm64 |
| Red Hat | openshift4/ose-machine-api-provider-aws-rhel9@sha256:31811981c3272a3f9e7578bb7a8a0bb50fc7f125022161e622b149315a774dcf_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/kubevirt-csi-driver-rhel8@sha256:797b8b9053ce31e87178a2443407e364a450547eba459f70d00743712aaf51af_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/ose-thanos-rhel8@sha256:ba422c3ae54a3e7a6b3fab5e352044fc7d80b74d670a0a6d483c485513405226_s390x as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/ose-kube-state-metrics-rhel9@sha256:f07f838677f6d373753ca1b663241c7b522804c3834cf66aad3626991f459da5_ppc64le as a component of Red Hat OpenShift Container Platform 4.15 | * |
| Red Hat | openshift4/ose-tools-rhel8@sha256:dd083a1f4133372130b76e193cc761b4862ba3bb37991e0373fa38f01f03afdf_ppc64le as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-tools-rhel8@sha256:dd083a1f4133372130b76e193cc761b4862ba3bb37991e0373fa38f01f03afdf_ppc64le |
| Red Hat | openshift4/ose-cluster-config-api-rhel9@sha256:5a412b21f1e72ac45d952c865c88fe2dcae27738aac9346d508ae786de830b29_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-cluster-config-api-rhel9@sha256:5a412b21f1e72ac45d952c865c88fe2dcae27738aac9346d508ae786de830b29_amd64 |
| Red Hat | openshift4/ose-cluster-storage-rhel9-operator@sha256:0fbdde368e79089160bc0c7626504fbc9293238c008aafee112de16d9d3ce06f_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/ose-aws-cloud-controller-manager-rhel9@sha256:527893663d622770a4c112176e90333da4f828b76d5bf0897367c0bd58ac3a88_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/ose-console@sha256:7c9d038b166a78cb4c418410d3d86bb3334eed416c22d815e690598faf2986aa_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-console@sha256:7c9d038b166a78cb4c418410d3d86bb3334eed416c22d815e690598faf2986aa_amd64 |
| Red Hat | openshift4/ose-keepalived-ipfailover-rhel9@sha256:9d4be1bcc20453297c8edd8618c37c39387327ca79f21061e7b2a6e290b25049_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/ose-cluster-dns-rhel9-operator@sha256:6529eb8973fce1ddedba0b2a00e3c3433a8bd8462fb9e31721b3a840d1442d0e_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-cluster-dns-rhel9-operator@sha256:6529eb8973fce1ddedba0b2a00e3c3433a8bd8462fb9e31721b3a840d1442d0e_s390x |
| Red Hat | openshift4/ose-cluster-kube-cluster-api-rhel9-operator@sha256:e5e3ff4852b7ffe270feaf683f865047a435589d30ff69bd605cd44b9b3bf5ac_s390x as a component of Red Hat OpenShift Container Platform 4.15 | * |
| Red Hat | openshift4/ose-cluster-cloud-controller-manager-rhel9-operator@sha256:2b43472de0ef230b4627dd9e60d025f24df547f9ba5cbcc3124f20c38f8907f9_arm64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-cluster-cloud-controller-manager-rhel9-operator@sha256:2b43472de0ef230b4627dd9e60d025f24df547f9ba5cbcc3124f20c38f8907f9_arm64 |
| Red Hat | openshift4/ose-cli@sha256:fedda106f6b35b3be7babc4b937495dd1f1c1b61b11b969a30e8e37501e95de3_ppc64le as a component of Red Hat OpenShift Container Platform 4.15 | * |
| Red Hat | openshift4/ose-cluster-update-keys-rhel9@sha256:66c5cb682a654767da6d8d57e9a762116c5533c1cf59231c788584bf382b6496_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | *, *, * |
| Red Hat | openshift4/ose-monitoring-plugin-rhel8@sha256:7f6f5e7a83304302f546c4ac55390f1be9c4ff0f6225a23d41b5765968b3ff5f_s390x as a component of Red Hat OpenShift Container Platform 4.15 | * |
…and 1280 more
Timeline
- Feb 12, 2025 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Jul 13, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2025:1128 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://access.redhat.com/security/vulnerabilities/RHSB-2024-001 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2330539 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2333122 issue
- https://issues.redhat.com/browse/OCPBUGS-48583 advisory
- https://issues.redhat.com/browse/OCPBUGS-48592 advisory
- https://issues.redhat.com/browse/OCPBUGS-48697 advisory
- https://issues.redhat.com/browse/OCPBUGS-48751 advisory
- https://issues.redhat.com/browse/OCPBUGS-48832 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1128.json advisory
- https://access.redhat.com/security/cve/CVE-2024-12085 advisory
- https://www.cve.org/CVERecord?id=CVE-2024-12085 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-12085 advisory
- https://kb.cert.org/vuls/id/952657 advisory
- https://access.redhat.com/security/cve/CVE-2024-45338 advisory
- https://www.cve.org/CVERecord?id=CVE-2024-45338 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-45338 advisory
- https://go.dev/cl/637536 advisory
- https://go.dev/issue/70906 advisory
…and 2 more