PT-2026-42052 · Rsync+3 · Rsync+3

·

CVE-2026-43618

·

Published

2026-05-20

·

Updated

2026-06-30

CVSS v3.1

8.1

High

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions rsync versions prior to 3.4.3
Description An integer overflow exists in the compressed-token decoder due to a 32-bit signed counter that is not checked for overflow. A malicious sender can trigger this overflow, causing the receiver process to read and return data from outside the intended buffer bounds. This allows for the disclosure of process memory contents, such as environment variables, passwords, heap and stack data, and library memory pointers, which reduces the effectiveness of Address Space Layout Randomization (ASLR)—a security technique that randomly arranges the address space positions of key data areas—and facilitates further exploitation.
Recommendations Update to version 3.4.3 or later.

Exploit

Fix

DoS

Out of bounds Read

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:26332
ALSA-2026:26408
ALSA-2026:26410
CVE-2026-43618
ECHO-2E68-A24F-D392
GHSA-G37V-G3GJ-PMWQ
JLSEC-2026-629
OESA-2026-2502
OESA-2026-2503
OESA-2026-2504
OESA-2026-2505
OESA-2026-2550
OPENSUSE-SU-2026:10857-1
OPENSUSE-SU-2026:20877-1
SUSE-SU-2026:2038-1
SUSE-SU-2026:2048-1
SUSE-SU-2026:2083-1
SUSE-SU-2026:21726-1
SUSE-SU-2026:21739-1
SUSE-SU-2026:21980-1
SUSE-SU-2026:22015-1
USN-8283-1
USN-8349-1
USN-8349-2
USN-8349-3

Affected Products

Linuxmint
Rocky Linux
Ubuntu
Rsync