Nullx3D

**Name of the Vulnerable Software and Affected Versions** rsync versions prior to 3.4.3 **Description** A time-of-check to time-of-use (TOCTOU) race condition exists in the daemon file handling. This occurs when an rsync daemon is configured with the `chroot` setting set to false. A local attacker with write access to a module path can replace a parent directory component with a symbolic link between the time the receiver checks the path and the time it calls the `open()` function. This allows the attacker to redirect reads and writes outside the intended directories, enabling the disclosure of basis-files or the creation and overwriting of arbitrary files. If the daemon runs with elevated privileges, this can lead to privilege escalation. **Recommendations** Update to version 3.4.3 or later. Ensure the `chroot` setting is set to true to prevent this issue.