Off-by-One Out-of-Bounds Vulnerability in Rsync by Rsync Project
CVE-2026-45232

2.1 LOW

Key Information:

Status
Vendor
CVE Published: 20 May 2026

What is CVE-2026-45232?

Rsync versions prior to 3.4.3 contain an off-by-one flaw in the establish_proxy_connection() function in socket.c. An attacker positioned between the client and the proxy, or in control of the proxy server, can send a malformed HTTP response line of 1023 or more bytes with no newline terminator; the function then writes a null byte to a stack address just past the end of the receive buffer. The flaw is reachable only when the RSYNC_PROXY environment variable is set, since that is what makes rsync open the connection through a proxy. Users should update to version 3.4.3 or later to address this vulnerability.
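The following is an added illustration, not rsync's socket.c or any code from the project: a bounded reader for a proxy status line that reserves the last byte of the buffer for the terminator and rejects a line that reaches the limit without a newline, plus a probe that feeds constructed unterminated input of 1023 bytes and more into a 1024-byte buffer guarded by a sentinel, so the terminator's position can be checked. The function names and the 1024-byte buffer size are assumptions for illustration.

```c
#include <stddef.h>
#include <string.h>

#define LINE_MAX_BYTES 1024   /* assumed buffer size, NUL terminator included */
enum { LINE_TOO_LONG = -1, LINE_TRUNCATED = -2, LINE_OOB_WRITE = -99 };

/* Copy one proxy response line (without its "\n" or "\r\n") from a byte
 * stream into out[out_size]. One byte is reserved for the NUL, so the
 * terminator can never land at out[out_size]; a line that hits the limit
 * with no newline is rejected. Returns the line length or an error code. */
int read_response_line(const char *stream, size_t stream_len,
                       char *out, size_t out_size)
{
    size_t len = 0;
    if (out_size == 0) return LINE_TOO_LONG;
    while (len < stream_len) {
        char c = stream[len];
        if (c == '\n') {
            if (len > 0 && out[len - 1] == '\r') len--;   /* strip CR */
            out[len] = '\0';
            return (int)len;
        }
        if (len + 1 >= out_size) {          /* no room left for the NUL */
            out[out_size - 1] = '\0';
            return LINE_TOO_LONG;
        }
        out[len++] = c;
    }
    out[len] = '\0';                        /* stream ended before '\n' */
    return LINE_TRUNCATED;
}

/* Feed n bytes of 'A' with no newline (constructed input, shaped like the
 * malformed status line the advisory describes) into a 1024-byte buffer
 * followed by a sentinel byte. Returns the reader's result, or
 * LINE_OOB_WRITE if the sentinel changed, i.e. the NUL landed past the end. */
int probe_unterminated_line(size_t n)
{
    static char stream[4096];
    unsigned char out[LINE_MAX_BYTES + 1];  /* out[1024] is the sentinel */
    if (n > sizeof stream) return LINE_TOO_LONG;
    memset(stream, 'A', n);
    out[LINE_MAX_BYTES] = 0xA5;
    int rc = read_response_line(stream, n, (char *)out, LINE_MAX_BYTES);
    return out[LINE_MAX_BYTES] == 0xA5 ? rc : LINE_OOB_WRITE;
}
```

With a 1024-byte buffer, both a 1023-byte unterminated line and anything longer are refused with the terminator still inside the buffer, which is the property a fix for this class of bug has to guarantee.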

Affected Version(s)

rsync: all versions from 0 up to, but not including, 3.4.3

CVSS V4

Score: 2.1
Severity: LOW
Confidentiality: None
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: High
Attack Requirements: None
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published (20 May 2026)
  • Vulnerability reserved

Credit

Michal Ruprich