VYPR
Medium severity5.3OSV Advisory· Published Dec 15, 2025· Updated Apr 15, 2026

CVE-2025-67901

CVE-2025-67901

Description

openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p->rem and p->len is not checked.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Kristapsdz/OpenrsyncOSV2 versions
    VERSION_0, VERSION_0_1_0, VERSION_0_2_0, …+ 1 more
    • (no CPE)range: VERSION_0, VERSION_0_1_0, VERSION_0_2_0, …
    • (no CPE)range: <=0.5.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.