Lucene search

6 matches found

RedhatCVE
added 2026/05/22 1:11 p.m., 5 views

CVE-2026-43620

A flaw was found in rsync. A malicious rsync server can exploit an out-of-bounds read vulnerability in the recv_files function. By manipulating compatibility flags and transfer records, the server can cause a connecting client to attempt to read memory outside of allocated bounds. This can lead to...

CVSS 6.9, AI score 5.7, EPSS 0.00017
Exploits 0, References 3

CVE
added 2026/05/20 12:47 a.m., 20 views

CVE-2026-43620

Rsync 3.4.2 and earlier are affected by a receiver-side out-of-bounds array read in recv_files() (receiver.c). The underlying cause is a mismanaged pointer array leading to an 8-byte read before the allocated array, allowing a crafted file list (with CF_INC_RECURSE enabled, first sorted entry not...

CVSS 6.9, AI score 5.8, EPSS 0.00017
Exploits 0, References 3, Affected Software 1

Veracode
added 2020/05/10 11:22 p.m., 161 views

Access Control Bypass

rsync is vulnerable to access control bypass. A remote attacker is able to bypass access restrictions as the daemon does not check for fnamecmp filenames in the daemon_filter_list data structure in the recv_files function in receiver.c. The sanitize_paths protection mechanism is also not applied to...

CVSS 9.8, AI score 5.8, EPSS 0.01156
Exploits 0, References 7, Affected Software 1

Veracode
added 2020/05/10 11:22 p.m., 21 views

Access Control Bypass

rsync is vulnerable to access control bypass. The recv_files function in receiver.c does not check for a filename in the daemon_filter_list data structure, allowing remote attackers to bypass intended access restrictions...

CVSS 3.7, AI score 6.4, EPSS 0.01555
Exploits 0, References 6, Affected Software 1

OpenVAS
added 2020/01/23 12:0 a.m., 29 views

Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2018-1244)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 7.7, EPSS 0.13133
Exploits 0, References 2

FreeBSD
added 2017/12/17 12:0 a.m., 33 views

rsync -- multiple vulnerabilities

Jeriko One reports: The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified...

CVSS 9.8, AI score 8.1, EPSS 0.03341
Exploits 0, References 1