Important Photon OS Security Update - PHSA-2026-5.0-0885

Updates of 'util-linux', 'rsync', 'jq' packages of Photon OS have been released...

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.18.44 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

RHSA-2026:26410 Red Hat Security Advisory: rsync security update

Bulletin has no description...

RHSA-2026:26408 Red Hat Security Advisory: rsync security update

Bulletin has no description...

RHSA-2026:26332 Red Hat Security Advisory: rsync security, bug fix, and enhancement update

Bulletin has no description...

Oracle Linux 8 : rsync (ELSA-2026-26408)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26408 advisory. - Integer overflow in compressed-token decoding CVE-2026-43618 Tenable has extracted the preceding description block directly from the Oracle Linux...

RockyLinux 9 : rsync (RLSA-2026:26410)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26410 advisory. rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding CVE-2026-43618 rsync: TOCTOU symlink race condition allowing...

RockyLinux 8 : rsync (RLSA-2026:26408)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26408 advisory. rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding CVE-2026-43618 rsync: TOCTOU symlink race condition allowing...

rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.

A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...

rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding

A flaw was found in rsync. An authenticated daemon peer can exploit an integer overflow vulnerability in the compressed-token decoder. By carefully manipulating the compressed-token, a malicious sender can trigger an overflow, leading to remote memory disclosure. This allows an attacker to leak...

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding

A flaw was found in rsync. An authenticated daemon peer can exploit an integer overflow vulnerability in the compressed-token decoder. By carefully manipulating the compressed-token, a malicious sender can trigger an overflow, leading to remote memory disclosure. This allows an attacker to leak...

rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.

A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.

A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...

Important: Red Hat Security Advisory: rsync security, bug fix, and enhancement update

An update for rsync is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding

A flaw was found in rsync. An authenticated daemon peer can exploit an integer overflow vulnerability in the compressed-token decoder. By carefully manipulating the compressed-token, a malicious sender can trigger an overflow, leading to remote memory disclosure. This allows an attacker to leak...

BIT-MARIADB-MIN-2026-48163 MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

BIT-MARIADB-2026-48163 MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

RHEL 8 : rsync (RHSA-2026:26408)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26408 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...