2447 matches found
UBUNTU-CVE-2026-29518
Rsync versions before 3.4.3 contain a time-of-check to time-of-use TOCTOU race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...
UBUNTU-CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
rsync: rsync server leaks arbitrary client files
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
rsync: Rsync: Use-after-free vulnerability in extended attribute handling
A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receivexattr function incorrectly processes an untrusted length value during a sorting operation...
Security update for rsync
This update for rsync fixes the following issue CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
SUSE-SU-2026:2002-1 Security update for rsync
This update for rsync fixes the following issue - CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223...
CLSA-2026-1779154430 rsync: Fix of CVE-2026-41035
CVE-2026-41035: receiver use-after-free in receivexattr via untrusted xattr count passed to qsort...
CLSA-2026-1779131668 rsync: Fix of CVE-2026-41035
CVE-2026-41035: receiver use-after-free in receivexattr via untrusted xattr count passed to qsort...
Security update for rsync (important)
openSUSE security update: security update for rsync ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20754-1 Rating: important References: bsc1254441 bsc1262223 Cross-References: CVE-2025-10158 CVE-2026-41035 CVSS scores: CVE-2025-10158 SUSE : 4.3...
RHEL 10 : rsync (RHSA-2026:19152)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19152 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync onl...
Important: rsync security update
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...
ALSA-2026:19368 Important: rsync security update
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...
ALSA-2026:19152 Important: rsync security update
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...
MiracleLinux 8 : rsync-3.1.3-25.el8_10 (AXSA:2026-627:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-627:03 advisory. rsync: Rsync: Use-after-free vulnerability in extended attribute handling CVE-2026-41035 Tenable has extracted the preceding description block directly from t...
CLSA-2026-1778940132 rsync: Fix of CVE-2026-41035
CVE-2026-41035: receiver use-after-free in receivexattr via untrusted xattr count passed to qsort...
AlmaLinux 8 : rsync (ALSA-2026:17481)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:17481 advisory. rsync: Rsync: Use-after-free vulnerability in extended attribute handling CVE-2026-41035 Tenable has extracted the preceding description block directly from the...
[SECURITY] Fedora 44 Update: rsync-3.4.1-7.fc44
Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...
rsync security update
An update is available for rsync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsync utility enables the users to copy and synchronize files locally or...