Rsync: info leak via uninitialized stack contents
Summary
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION; Red Hat Enterprise Linux 7 Extended Lifecycle Support; Red Hat Enterprise Linux 8; and 21 more. Affected products named by the advisory: Red Hat Enterprise Linux 8.2 Advanced Update Support; Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Telecommunications Update Service; Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions; and 16 more.
What this means
In plain English
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. Affected products named by the advisory: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION; Red Hat Enterprise Linux 7 Extended Lifecycle Support; Red Hat Enterprise Linux 8; and 21 more.
Recommended action
The parsed official advisory does not currently specify a fixed release, mitigation, or workaround. Review the linked vendor advisory for the latest guidance before making changes.
Rewritten locally from the scraped official advisory data above; no generative API is used. The vendor advisory is authoritative.
- through 3.3.0
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Fixed versions
No fixed release is recorded yet. That does not prove no patch exists — confirm against the vendor advisory.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation
The source record does not include mitigation steps. That is not a statement that no fix exists — read the vendor advisory below for the authoritative guidance.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.