2447 matches found
CVE-2026-41035
CVE-2026-41035 affects rsync versions 3.0.1 through 3.4.1. The vulnerability stems from receive_xattr using an untrusted length value during a qsort, causing a receiver use-after-free when the -X/--xattrs option is used. Impact is described as low for confidentiality/integrity/availability, with ...
CVE-2026-41035
In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...
CVE-2026-41035
In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...
CVE-2026-41035
In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...
CVE-2026-41035
In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...
Linux Distros Unpatched Vulnerability : CVE-2026-41035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run...
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync from 3.0.1 to 3.4.1 contain security vulnerabilities. These vulnerabilities stem from the use of untrusted length values in the receivexattr function during the...
PT-2026-33280
Name of the Vulnerable Software and Affected Versions rsync versions 3.0.1 through 3.4.1 Description The receive xattr function relies on an untrusted length value during a qsort call, which can lead to a use-after-free condition on the receiver side. This occurs when the victim runs the software...
AlmaLinux 10 : rsync (ALSA-2026:6825)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:6825 advisory. rsync: Rsync: Out of bounds array access via negative index CVE-2025-10158 Tenable has extracted the preceding description block directly from the AlmaLinux...
rsync security update
An update is available for rsync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsync utility enables the users to copy and synchronize files locally or...
RLSA-2026:6825 Moderate: rsync security update
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...
CLSA-2026-1775723827 rsync: Fix of CVE-2025-10158
CVE-2025-10158: fix invalid access to files array via negative parentndx...
rsync security update
An update is available for rsync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsync utility enables the users to copy and synchronize files locally or...
RLSA-2026:6436 Moderate: rsync security update
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...
RockyLinux 10 : rsync (RLSA-2026:6825)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6825 advisory. rsync: Rsync: Out of bounds array access via negative index CVE-2025-10158 Tenable has extracted the preceding description block directly from the RockyLinux...
RockyLinux 8 : rsync (RLSA-2026:6436)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6436 advisory. rsync: Rsync: Out of bounds array access via negative index CVE-2025-10158 Tenable has extracted the preceding description block directly from the RockyLinux...
RHSA-2026:6825 Red Hat Security Advisory: rsync security update
Bulletin has no description...
rsync: Rsync: Out of bounds array access via negative index
An out of bounds read flaw has been discovered in rsync. A malicious client acting as the receiver of an rsync file transfer can trigger an OOB read via a negative array index. The rsync client requires at least read access to the remote rsync module to trigger the issue...
Moderate: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
rsync security update
An update is available for rsync. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsync utility enables the users to copy and synchronize files locally or...