chutton-r7 (5)

Last Login: February 24, 2025
Assessments: 1
Score: 5

chutton-r7's Latest (1) Contributions

4
Ratings
Technical Analysis

Based upon writing a technical analysis of this vuln, I have rated the exploitability as Medium, as exploitation of this heap-based overflow is limited and will take further work to develop into a full RCE. I have rated the attacker value as High, as rsync is a widely used file transfer/backup application and the vulnerability can be exploited without authentication in some configurations.

Note: a recent Google analysis states that chaining this issue with CVE-2024-12085 (an info leak) allows an attacker to defeat ASLR and hence increases the exploitability of this issue.