VYPR

rpm package

suse/rsync&distro=SUSE Linux Enterprise Server 16.0

pkg:rpm/suse/rsync&distro=SUSE%20Linux%20Enterprise%20Server%2016.0

Vulnerabilities (8)

  • CVE-2026-29518HigMay 20, 2026
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access

  • CVE-2026-45232LowMay 20, 2026
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by posit

  • CVE-2026-43620MedMay 20, 2026
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash the rsync client process. Attackers can exploit the vulnerability by setting CF_INC_RECURSE in compatibility fl

  • CVE-2026-43619MedMay 20, 2026
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported r

  • CVE-2026-43618HigMay 20, 2026
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outs

  • CVE-2026-43617MedMay 20, 2026
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address,

  • CVE-2026-41035HigApr 16, 2026
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are

  • CVE-2025-10158MedNov 18, 2025
    affected < 3.4.1-160000.4.1fixed 3.4.1-160000.4.1

    A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue.