PT-2026-42055 · Rsync+2 · Rsync+2

·

CVE-2026-45232

·

Published

2026-05-20

·

Updated

2026-06-16

CVSS v3.1

3.7

Low

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions rsync versions prior to 3.4.3
Description An off-by-one out-of-bounds stack write exists in the establish proxy connection() function within socket.c. Network attackers can corrupt stack memory by sending a malformed HTTP proxy response. This occurs when the RSYNC PROXY environment variable is set and the attacker, by controlling the proxy server or positioning themselves between the client and proxy, sends a response line of 1023 or more bytes without a newline terminator, resulting in a null byte being written to an out-of-bounds stack address.
Recommendations Update to version 3.4.3 or later. As a temporary workaround, avoid setting the RSYNC PROXY environment variable to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45232
ECHO-349A-47BF-367B
GHSA-8F85-J2CV-59M8
OESA-2026-2502
OESA-2026-2503
OESA-2026-2504
OESA-2026-2505
OESA-2026-2550
OPENSUSE-SU-2026:10857-1
OPENSUSE-SU-2026:20877-1
SUSE-SU-2026:2038-1
SUSE-SU-2026:2048-1
SUSE-SU-2026:2083-1
SUSE-SU-2026:21726-1
SUSE-SU-2026:21739-1
SUSE-SU-2026:21980-1
SUSE-SU-2026:22015-1
USN-8283-1
USN-8349-1
USN-8349-2
USN-8349-3

Affected Products

Linuxmint
Ubuntu
Rsync