PT-2026-42052 · Rsync+3 · Rsync+3
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
rsync versions prior to 3.4.3
Description
An integer overflow exists in the compressed-token decoder due to a 32-bit signed counter that is not checked for overflow. A malicious sender can trigger this overflow, causing the receiver process to read and return data from outside the intended buffer bounds. This allows for the disclosure of process memory contents, such as environment variables, passwords, heap and stack data, and library memory pointers, which reduces the effectiveness of Address Space Layout Randomization (ASLR)—a security technique that randomly arranges the address space positions of key data areas—and facilitates further exploitation.
Recommendations
Update to version 3.4.3 or later.
Exploit
Fix
DoS
Out of bounds Read
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linuxmint
Rocky Linux
Ubuntu
Rsync