PT-2026-42055 · Rsync · Rsync

Michal Ruprich · Published 2026-05-20 · Updated 2026-05-24 · CVE-2026-45232

CVSS v3.1: 3.7 (Low)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

rsync versions prior to 3.4.3

Description

An off-by-one out-of-bounds stack write exists in the establish_proxy_connection() function within socket.c. Network attackers can corrupt stack memory by sending a malformed HTTP proxy response. The flaw is reachable when the RSYNC_PROXY environment variable is set and the attacker, either by controlling the proxy server or by positioning themselves between the client and the proxy, sends a response line of 1023 or more bytes without a newline terminator. The result is a null byte written to an out-of-bounds stack address.

Recommendations

Update to version 3.4.3 or later. As a temporary workaround, avoid setting the RSYNC_PROXY environment variable to minimize the risk of exploitation.
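
The off-by-one described above can be modelled as follows. This is an added example, not rsync's code: the 1024-byte buffer size is an assumption inferred from the 1023-byte threshold, and struct src, next_byte(), flawed_terminator_index() and read_line_bounded() are hypothetical names. The flawed routine only reports where the terminator would land, and the bounded reader shows the check that keeps it inside the buffer.

```c
#include <stdio.h>
#include <string.h>
#define LINE_BUF 1024   /* assumed size, inferred from the 1023-byte threshold */

/* Constructed in-memory stand-in for the proxy socket. */
struct src { const char *data; size_t len, pos; };
static int next_byte(struct src *s, char *out)
{
    if (s->pos >= s->len) return 0;
    *out = s->data[s->pos++];
    return 1;
}

/* Flawed pattern, modelled: returns the index where the NUL terminator would
 * be stored. A result >= LINE_BUF is out of bounds; no store is performed. */
size_t flawed_terminator_index(struct src *s)
{
    char buf[LINE_BUF]; size_t i;
    for (i = 0; i < LINE_BUF - 1; i++)
        if (!next_byte(s, &buf[i]) || buf[i] == '\n')
            return i;       /* newline or end of input: terminate in place */
    return i + 1;           /* no newline: cursor steps past the last slot */
}

/* Hardened form: terminator index is always < cap; unterminated lines fail. */
int read_line_bounded(struct src *s, char *buf, size_t cap)
{
    size_t i = 0; char c;
    while (i < cap - 1 && next_byte(s, &c)) {
        if (c == '\n') {
            if (i > 0 && buf[i - 1] == '\r') i--;   /* strip CR of CRLF */
            buf[i] = '\0';
            return (int)i;
        }
        buf[i++] = c;
    }
    buf[i] = '\0';
    return -1;              /* overlong or unterminated proxy response */
}

int main(void)
{
    char big[LINE_BUF - 1], out[LINE_BUF];
    struct src a = { big, sizeof big, 0 }, b = a;
    memset(big, 'A', sizeof big);   /* constructed line: 1023 bytes, no newline */
    printf("%zu %d\n", flawed_terminator_index(&a), read_line_bounded(&b, out, sizeof out));
    return 0;
}
```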

Related Identifiers

CVE-2026-45232
OPENSUSE-SU-2026:10857-1
USN-8283-1

Affected Products

Rsync