SUSE CVE-2026-43620

Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recvfiles in receiver.c that allows a malicious rsync server to crash the rsync client process. Attackers can exploit the vulnerability by setting CFINCRECURSE in compatibility flags and sending a...

Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files()

...

CVE-2026-43620

Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recvfiles in receiver.c that allows a malicious rsync server to crash the rsync client process. Attackers can exploit the vulnerability by setting CFINCRECURSE in compatibility flags and sending a...

The vulnerability of the recv_files and read_ndx_and attrs functions in the rsync daemon allows a hacker to circumvent existing access restrictions and compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of rsync exists due to the lack of checks on the filenames fnamecmp in the daemonfilterlist data structure in the recvfiles function in receiver.c, and the absence of a sanitizepaths mechanism for paths found in the “xname follows” strings in the readndxand attrs function in...