Search for vulnerabilities
Vulnerability details: VCID-t6x8-3b91-jkgy
Vulnerability ID VCID-t6x8-3b91-jkgy
Aliases CVE-2024-12085
Summary A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0324
ssvc Track https://access.redhat.com/errata/RHSA-2025:0324
ssvc Track https://access.redhat.com/errata/RHSA-2025:0324
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0325
ssvc Track https://access.redhat.com/errata/RHSA-2025:0325
ssvc Track https://access.redhat.com/errata/RHSA-2025:0325
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0637
ssvc Track https://access.redhat.com/errata/RHSA-2025:0637
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0688
ssvc Track https://access.redhat.com/errata/RHSA-2025:0688
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0714
ssvc Track https://access.redhat.com/errata/RHSA-2025:0714
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0774
ssvc Track https://access.redhat.com/errata/RHSA-2025:0774
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0787
ssvc Track https://access.redhat.com/errata/RHSA-2025:0787
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0790
ssvc Track https://access.redhat.com/errata/RHSA-2025:0790
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0849
ssvc Track https://access.redhat.com/errata/RHSA-2025:0849
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0884
ssvc Track https://access.redhat.com/errata/RHSA-2025:0884
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:0885
ssvc Track https://access.redhat.com/errata/RHSA-2025:0885
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:1120
ssvc Track https://access.redhat.com/errata/RHSA-2025:1120
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:1123
ssvc Track https://access.redhat.com/errata/RHSA-2025:1123
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:1128
ssvc Track https://access.redhat.com/errata/RHSA-2025:1128
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:1225
ssvc Track https://access.redhat.com/errata/RHSA-2025:1225
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:1227
ssvc Track https://access.redhat.com/errata/RHSA-2025:1227
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:1242
ssvc Track https://access.redhat.com/errata/RHSA-2025:1242
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:1451
ssvc Track https://access.redhat.com/errata/RHSA-2025:1451
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2025:2701
ssvc Track https://access.redhat.com/errata/RHSA-2025:2701
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12085.json
cvssv3.1 7.5 https://access.redhat.com/security/cve/CVE-2024-12085
ssvc Track https://access.redhat.com/security/cve/CVE-2024-12085
ssvc Track https://access.redhat.com/security/cve/CVE-2024-12085
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00433 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00587 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00936 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.00967 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01184 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01184 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01426 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.0159 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
epss 0.01799 https://api.first.org/data/v1/epss?cve=CVE-2024-12085
cvssv3.1 7.5 https://bugzilla.redhat.com/show_bug.cgi?id=2330539
ssvc Track https://bugzilla.redhat.com/show_bug.cgi?id=2330539
ssvc Track https://bugzilla.redhat.com/show_bug.cgi?id=2330539
cvssv3.1 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://kb.cert.org/vuls/id/952657
ssvc Track https://kb.cert.org/vuls/id/952657
ssvc Track https://kb.cert.org/vuls/id/952657
archlinux Critical https://security.archlinux.org/AVG-2858
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12085.json
https://api.first.org/data/v1/epss?cve=CVE-2024-12085
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12085
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj
2330539 https://bugzilla.redhat.com/show_bug.cgi?id=2330539
952657 https://kb.cert.org/vuls/id/952657
ASA-202501-1 https://security.archlinux.org/ASA-202501-1
AVG-2858 https://security.archlinux.org/AVG-2858
cpe:/a:redhat:enterprise_linux:9::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:logging:5.8::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9
cpe:/a:redhat:logging:5.9::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.9::el9
cpe:/a:redhat:openshift:4 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
cpe:/a:redhat:openshift:4.12::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
cpe:/a:redhat:openshift:4.13::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
cpe:/a:redhat:openshift:4.13::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
cpe:/a:redhat:openshift:4.14::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
cpe:/a:redhat:openshift:4.14::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
cpe:/a:redhat:openshift:4.15::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
cpe:/a:redhat:openshift:4.15::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
cpe:/a:redhat:openshift:4.16::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
cpe:/a:redhat:openshift:4.17::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
cpe:/a:redhat:rhel_e4s:9.0::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
cpe:/a:redhat:rhel_eus:9.2::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
cpe:/a:redhat:rhel_eus:9.4::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
cpe:/o:redhat:enterprise_linux:10 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
cpe:/o:redhat:enterprise_linux:9::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
cpe:/o:redhat:rhel_aus:8.2::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
cpe:/o:redhat:rhel_aus:8.4::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
cpe:/o:redhat:rhel_aus:8.6::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
cpe:/o:redhat:rhel_e4s:8.4::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
cpe:/o:redhat:rhel_e4s:8.6::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
cpe:/o:redhat:rhel_e4s:9.0::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
cpe:/o:redhat:rhel_els:6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6
cpe:/o:redhat:rhel_els:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
cpe:/o:redhat:rhel_eus:8.8::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
cpe:/o:redhat:rhel_eus:9.2::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
cpe:/o:redhat:rhel_eus:9.4::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
cpe:/o:redhat:rhel_tus:8.4::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
cpe:/o:redhat:rhel_tus:8.6::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
CVE-2024-12085 https://access.redhat.com/security/cve/CVE-2024-12085
CVE-2024-12085 https://nvd.nist.gov/vuln/detail/CVE-2024-12085
GLSA-202501-01 https://security.gentoo.org/glsa/202501-01
RHSA-2025:0324 https://access.redhat.com/errata/RHSA-2025:0324
RHSA-2025:0325 https://access.redhat.com/errata/RHSA-2025:0325
RHSA-2025:0637 https://access.redhat.com/errata/RHSA-2025:0637
RHSA-2025:0688 https://access.redhat.com/errata/RHSA-2025:0688
RHSA-2025:0714 https://access.redhat.com/errata/RHSA-2025:0714
RHSA-2025:0774 https://access.redhat.com/errata/RHSA-2025:0774
RHSA-2025:0787 https://access.redhat.com/errata/RHSA-2025:0787
RHSA-2025:0790 https://access.redhat.com/errata/RHSA-2025:0790
RHSA-2025:0849 https://access.redhat.com/errata/RHSA-2025:0849
RHSA-2025:0884 https://access.redhat.com/errata/RHSA-2025:0884
RHSA-2025:0885 https://access.redhat.com/errata/RHSA-2025:0885
RHSA-2025:1120 https://access.redhat.com/errata/RHSA-2025:1120
RHSA-2025:1123 https://access.redhat.com/errata/RHSA-2025:1123
RHSA-2025:1128 https://access.redhat.com/errata/RHSA-2025:1128
RHSA-2025:1225 https://access.redhat.com/errata/RHSA-2025:1225
RHSA-2025:1227 https://access.redhat.com/errata/RHSA-2025:1227
RHSA-2025:1242 https://access.redhat.com/errata/RHSA-2025:1242
RHSA-2025:1451 https://access.redhat.com/errata/RHSA-2025:1451
RHSA-2025:2701 https://access.redhat.com/errata/RHSA-2025:2701
USN-7206-1 https://usn.ubuntu.com/7206-1/
USN-7206-3 https://usn.ubuntu.com/7206-3/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0324
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0324
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:51Z/ Found at https://access.redhat.com/errata/RHSA-2025:0324
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0325
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:51Z/ Found at https://access.redhat.com/errata/RHSA-2025:0325
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0325
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0637
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0637
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0688
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0688
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0714
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0714
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0774
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0774
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0787
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0787
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0790
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0790
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0849
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0849
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0884
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0884
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:0885
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:0885
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1120
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:1120
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1123
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:1123
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1128
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:1128
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1225
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:1225
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1227
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:1227
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1242
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:1242
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:1451
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:1451
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:2701
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/errata/RHSA-2025:2701
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12085.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2024-12085
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://access.redhat.com/security/cve/CVE-2024-12085
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:51Z/ Found at https://access.redhat.com/security/cve/CVE-2024-12085
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2330539
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2330539
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:51Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2330539
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://kb.cert.org/vuls/id/952657
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T18:00:38Z/ Found at https://kb.cert.org/vuls/id/952657
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:51Z/ Found at https://kb.cert.org/vuls/id/952657
Exploit Prediction Scoring System (EPSS)
Percentile 0.17624
EPSS Score 0.00045
Published At Jan. 16, 2025, midnight
Date Actor Action Source VulnerableCode Version
2024-12-18T04:08:51.966849+00:00 SUSE Severity Score Importer Import https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml 35.0.0