PT-2024-35354 · Rclone+2

Hakong · Published 2024-11-15 · Updated 2026-04-27 · CVE-2024-52522

CVSS v4.0: 5.4 (Medium)
Vector: AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
Name of the Vulnerable Software and Affected Versions: rclone versions prior to 1.68.2

Description: The issue stems from insecure handling of symlinks when rclone copies to local disk with --links and --metadata. It allows unprivileged users to indirectly modify the ownership and permissions of a symlink's target file whenever a superuser or other privileged process performs the copy. The vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability.

For instance, an unprivileged user could place a symlink to a sensitive file within their home directory and wait for an administrator or automated process to copy their files with rclone using the --links and --metadata options. During the copy, rclone incorrectly applies chown and chmod to the symlink's target rather than to the symlink itself, changing the ownership and permissions of the sensitive file.

Recommendations: For versions prior to 1.68.2, update to version 1.68.2 to fix the vulnerability. As a temporary workaround, avoid using --links and --metadata together when copying files to the local backend with rclone, especially when running as a superuser. Restrict access to sensitive system files to minimize the risk of exploitation.
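The root cause described above is that chmod(2) and chown(2) follow symlinks, so applying preserved metadata to a link path lands on the target inode. The following Go program is an added illustration, not rclone's code or the vendor's patch: it places the naive following behaviour beside a hardened variant that Lstat()s the path first, uses lchown for links and skips the mode change on them (a symlink's permission bits are ignored on Linux). Everything runs in a temporary directory with a constructed "sensitive" file; ownership is set to the caller's own uid/gid so it works unprivileged, since the point of interest is which inode receives the chmod.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// applyMetadataFollowing mimics the pre-1.68.2 behaviour described in the
// advisory: os.Chmod and os.Chown both follow symlinks, so when path is a
// symlink the metadata lands on whatever file it points at.
func applyMetadataFollowing(path string, mode os.FileMode, uid, gid int) error {
	if err := os.Chmod(path, mode); err != nil {
		return err
	}
	return os.Chown(path, uid, gid)
}

// applyMetadataNoFollow is the hardened form: Lstat the path first; for a
// symlink, change ownership of the link itself only (lchown) and skip the
// mode change, because Linux ignores the permission bits of a symlink.
// Regular files still get the normal chmod/chown.
func applyMetadataNoFollow(path string, mode os.FileMode, uid, gid int) error {
	fi, err := os.Lstat(path)
	if err != nil {
		return err
	}
	if fi.Mode()&os.ModeSymlink != 0 {
		return os.Lchown(path, uid, gid)
	}
	if err := os.Chmod(path, mode); err != nil {
		return err
	}
	return os.Chown(path, uid, gid)
}

// scenario builds a constructed layout in a temp dir: a "sensitive" file
// with mode 0600 and a symlink pointing at it. It then applies metadata
// (mode 0666, current uid/gid) to the symlink path using the supplied
// function and returns the permission bits of the target afterwards.
func scenario(apply func(string, os.FileMode, int, int) error) (os.FileMode, error) {
	dir, err := os.MkdirTemp("", "symlink-metadata-demo")
	if err != nil {
		return 0, err
	}
	defer os.RemoveAll(dir)

	target := filepath.Join(dir, "sensitive")
	link := filepath.Join(dir, "link")
	if err := os.WriteFile(target, []byte("secret\n"), 0o600); err != nil {
		return 0, err
	}
	if err := os.Symlink(target, link); err != nil {
		return 0, err
	}
	// Chown to our own uid/gid so the demo runs unprivileged.
	if err := apply(link, 0o666, os.Getuid(), os.Getgid()); err != nil {
		return 0, err
	}
	fi, err := os.Stat(target) // Stat follows the link: inspect the target
	if err != nil {
		return 0, err
	}
	return fi.Mode().Perm(), nil
}

func main() {
	following, err := scenario(applyMetadataFollowing)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	noFollow, err := scenario(applyMetadataNoFollow)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("target perm after following chmod/chown: %o\n", following) // 666
	fmt.Printf("target perm after no-follow handling:    %o\n", noFollow)  // 600
}
```

A copy tool that preserves metadata should treat every destination path as potentially a symlink and use the l*-variants (lstat, lchown) or AT_SYMLINK_NOFOLLOW flags; the same check is what a defender would look for when reviewing backup or sync jobs that run as root over user-writable directories.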

Weakness Enumeration

Link Following
Improper Preservation of Permissions

Related Identifiers

ALT-PU-2025-4862
ALT-PU-2025-7927
ALT-PU-2025-8008
BIT-RCLONE-2024-52522
CVE-2024-52522
GHSA-HRXH-9W67-G4CV
GO-2024-3271
JLSEC-2026-279
OPENSUSE-SU-2024:14513-1
OPENSUSE-SU-2024:14524-1
OPENSUSE-SU-2026:20620-1

Affected Products

Alt Linux
Debian
Rclone