Linuxsecurity
Multiple rsync Vulnerabilities Affect Ubuntu 22.04, 24.04, 25.10, and 26.04 LTS
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Several vulnerabilities were identified in the rsync tool affecting multiple Ubuntu LTS versions. CVE-2025-10158 allows remote attackers to cause a denial of service through a heap-based out-of-bounds read. CVE-2026-29518 exposes rsync daemons without chroot protection to race conditions, enabling local attackers to overwrite files or escalate privileges. Additional vulnerabilities (CVE-2026-41035, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-45232) were also discovered, some allowing denial of service or information disclosure. Affected systems include Ubuntu 22.04 LTS, 24.04 LTS, 25.10, and 26.04 LTS. Users are advised to update their systems to mitigate these risks.
Key Points: • rsync vulnerabilities affect Ubuntu 22.04, 24.04, 25.10, and 26.04 LTS. • CVE-2025-10158 and CVE-2026-29518 pose significant risks including denial of service and privilege escalation. • Immediate updates are necessary to secure affected systems against these vulnerabilities.