Vulnerability Description
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client, but the rsync client performs insufficient validation of the file names it receives. A malicious rsync server (or a man-in-the-middle attacker) can therefore overwrite arbitrary files in the rsync client's target directory and its subdirectories (for example, the .ssh/authorized_keys file).
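As an added illustration (not rsync's own code, and not the actual 3.2.5 fix), this is the kind of containment check a receiver must apply to every server-chosen name before writing to disk; `dest_root` and the sample file list are constructed for the example:

```python
# Added example: reject sender-supplied names that would escape the
# destination directory. Illustrative only; not code from rsync.
import posixpath
from typing import List, Optional, Tuple


def validate_received_name(dest_root: str, name: str) -> Optional[str]:
    """Return the destination path for `name`, or None if the sender-chosen
    name is absolute, contains '..', or resolves outside `dest_root`.

    The sender controls `name`; the receiver must not trust it.
    """
    if not name or name.startswith("/"):
        return None  # absolute or empty names are never acceptable
    if any(part == ".." for part in name.split("/")):
        return None  # reject '..' even where it would normalize away
    root = posixpath.normpath(dest_root)
    target = posixpath.normpath(posixpath.join(root, name))
    # Require the resolved path to be the root itself or strictly under it.
    if target != root and not target.startswith(root.rstrip("/") + "/"):
        return None
    return target


def filter_file_list(dest_root: str, names: List[str]) -> Tuple[List[str], List[str]]:
    """Split a received file list into names safe to write and names to drop."""
    accepted, rejected = [], []
    for name in names:
        (accepted if validate_received_name(dest_root, name) else rejected).append(name)
    return accepted, rejected


# Constructed sample file list as a hostile sender might present it.
SAMPLE_FILE_LIST = [
    "docs/readme.txt",
    "docs/../notes.txt",        # would normalize inside, still rejected
    "../.ssh/authorized_keys",  # the escape the advisory describes
    "/etc/passwd",
]

if __name__ == "__main__":
    ok, bad = filter_file_list("/home/user/backup", SAMPLE_FILE_LIST)
    print("accepted:", ok)
    print("rejected:", bad)
```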
CVSS Score
7.4 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samba | Rsync | < 3.2.5 |
| Fedoraproject | Fedora | 35 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2022/08/02/1 (Exploit, Mailing List, Patch)
- https://github.com/WayneD/rsync/tags (Release Notes, Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
FAQ
What is CVE-2022-29154?
CVE-2022-29154 is a vulnerability with a CVSS score of 7.4 (HIGH). An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are s...
How severe is CVE-2022-29154?
CVE-2022-29154 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS score above for the severity rating.
Is there a patch for CVE-2022-29154?
Check the references section above for vendor advisories and patch information. Affected products include: Samba Rsync, Fedoraproject Fedora.