CVE-2022-29154

EUVD-2022-33562
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.4 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
Affected Products (NVD)
VendorProductVersion
sambarsync
𝑥
< 3.2.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
rsync
bookworm
3.2.7-1
fixed
bullseye
no-dsa
buster
ignored
sid
3.3.0-1
fixed
trixie
3.3.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rsync
bionic
Fixed 3.1.2-2.1ubuntu1.6
released
focal
Fixed 3.1.3-8ubuntu0.5
released
jammy
Fixed 3.2.7-0ubuntu0.22.04.2
released
kinetic
not-affected
lunar
not-affected
trusty
ignored
xenial
ignored
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2022/08/02/1
https://github.com/WayneD/rsync/tags
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/
http://www.openwall.com/lists/oss-security/2022/08/02/1
https://github.com/WayneD/rsync/tags
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/