Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/14 9:31 a.m.12 views

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receivexattr function incorrectly processes an untrusted length value during a sorting operation...

7.8CVSS6AI score0.00393EPSS
Exploits1References7
EUVD
EUVD
added 2026/04/16 9:31 a.m.5 views

EUVD-2026-23215

In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...

7.4CVSS5.8AI score0.00393EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/16 8:37 a.m.5 views

Improper Handling of Length Parameter Inconsistency

Overview Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency in the receivexattr function when it relies on an untrusted length value during a qsort call. An attacker can achieve unauthorized access to sensitive information, modify data, or caus...

7.8CVSS5.4AI score0.00393EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/16 6:53 a.m.47 views

CVE-2026-41035

In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...

7.4CVSS0.00393EPSS
Exploits1References3
Rows per page
Query Builder