A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NAlmalinux
OSAlmalinux10.08.09.0Archlinux Arch Linux
OSArchlinuxwszystkie wersjeGentoo Linux
OSGentoowszystkie wersjeNixos
OSNixos< 24.11Red Hat Enterprise Linux
OSRedhat8.09.0Red Hat Enterprise Linux Eus
OSRedhat8.89.29.49.6Red Hat Enterprise Linux For Arm 64
OSRedhat8.0_aarch649.0_aarch649.2_aarch64Red Hat Enterprise Linux For Arm 64 Eus
OSRedhat8.8_aarch649.4_aarch649.6_aarch64Red Hat Enterprise Linux For IBM Z Systems
OSRedhat8.0_s390x9.0_s390x9.2_s390xRed Hat Enterprise Linux For IBM Z Systems Eus
OSRedhat8.8_s390x9.4_s390x9.6_s390xRed Hat Enterprise Linux For Power Little Endian
OSRedhat8.0_ppc64le8.8_ppc64le9.0_ppc64le9.2_ppc64leRed Hat Enterprise Linux For Power Little Endian Eus
OSRedhat9.4_ppc64le9.6_ppc64leRed Hat Enterprise Linux Server
OSRedhat6.07.0Red Hat Enterprise Linux Server Aus
OSRedhat8.28.48.69.29.49.6Red Hat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
OSRedhat8.4_ppc64le8.6_ppc64le8.8_ppc64le9.0_ppc64le9.2_ppc64le9.4_ppc64le9.6_ppc64leRed Hat Enterprise Linux Server Tus
OSRedhat8.48.68.8Red Hat Enterprise Linux Update Services For Sap Solutions
OSRedhat8.48.69.09.29.6Red Hat Openshift
APPRedhat5.0Red Hat OpenShift Container Platform
APPRedhat4.124.134.144.154.164.17Samba Rsync
APPSamba< 3.3.0SUSE Linux
OSSusewszystkie wersjeTritondatacenter Smartos
OSTritondatacenter< 20250123
Related vulnerabilities
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. A...
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main...