rpm package
almalinux/rsync
pkg:rpm/almalinux/rsync
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-41035 | Hig | 7.4 | < 3.1.3-25.el8_10 | 3.1.3-25.el8_10 | Apr 16, 2026 | In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are | |
| CVE-2025-10158 | Med | 4.3 | < 3.2.5-3.el9_7.2 | 3.2.5-3.el9_7.2 | Nov 18, 2025 | A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue. | |
| CVE-2024-12747 | Med | 5.6 | < 3.1.3-21.el8_10 | 3.1.3-21.el8_10 | Jan 14, 2025 | A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was p | |
| CVE-2024-12088 | Med | 6.5 | < 3.1.3-21.el8_10 | 3.1.3-21.el8_10 | Jan 14, 2025 | A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary fil | |
| CVE-2024-12087 | Med | 6.5 | < 3.1.3-21.el8_10 | 3.1.3-21.el8_10 | Jan 14, 2025 | A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, | |
| CVE-2024-12085 | Hig | 7.5 | < 3.2.3-20.el9_5.1 | 3.2.3-20.el9_5.1 | Jan 14, 2025 | A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a ti | |
| CVE-2022-37434 | — | < 3.1.3-19.el8 | 3.1.3-19.el8 | Aug 5, 2022 | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable t | ||
| CVE-2022-29154 | — | < 3.1.3-14.el8_6.3 | 3.1.3-14.el8_6.3 | Aug 2, 2022 | An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of | ||
| CVE-2018-25032 | — | < 3.1.3-14.el8 | 3.1.3-14.el8 | Mar 25, 2022 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | ||
| CVE-2016-9840 | Hig | 8.8 | < 3.1.3-23.el8_10 | 3.1.3-23.el8_10 | May 23, 2017 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
- affected < 3.1.3-25.el8_10fixed 3.1.3-25.el8_10
In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are
- affected < 3.2.5-3.el9_7.2fixed 3.2.5-3.el9_7.2
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue.
- affected < 3.1.3-21.el8_10fixed 3.1.3-21.el8_10
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was p
- affected < 3.1.3-21.el8_10fixed 3.1.3-21.el8_10
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary fil
- affected < 3.1.3-21.el8_10fixed 3.1.3-21.el8_10
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option,
- affected < 3.2.3-20.el9_5.1fixed 3.2.3-20.el9_5.1
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a ti
- CVE-2022-37434Aug 5, 2022affected < 3.1.3-19.el8fixed 3.1.3-19.el8
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable t
- CVE-2022-29154Aug 2, 2022affected < 3.1.3-14.el8_6.3fixed 3.1.3-14.el8_6.3
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of
- CVE-2018-25032Mar 25, 2022affected < 3.1.3-14.el8fixed 3.1.3-14.el8
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
- affected < 3.1.3-23.el8_10fixed 3.1.3-23.el8_10
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.