Security News

Cybersecurity news aggregator

🐧
HIGH Updates Red Hat Errata

RHSA-2026:19152: Important: rsync security update

rsynclinuxcve-2026-41035cve-2024-12086
Red Hat has issued an Important security update for rsync in RHEL 10 to address CVE-2026-41035, a use-after-free vulnerability in extended attribute handling with a CVSS 3.1 score of 7.4 (High). The advisory also resolves a regression introduced by a previous fix for CVE-2024-12086. Affected users should apply the update via the Red Hat portal, as specific fixed package version numbers are detailed in the errata.
Read Full Article →

Red Hat Product Errata RHSA-2026:19152 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19152 - Security Advisory Overview Updated Packages Synopsis Important: rsync security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for rsync is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fix(es): rsync: Rsync: Use-after-free vulnerability in extended attribute handling (CVE-2026-41035) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2458898 - CVE-2026-41035 rsync: Rsync: Use-after-free vulnerability in extended attribute handling RHEL-172276 - Fix regression introduced with CVE-2024-12086 fix CVEs CVE-2026-41035 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 x86_64 rsync-3.4.1-6.el10_2.x86_64.rpm SHA-256: 18b32d39889e7d7b23c21c3f60fe7860901d4e8855fcf12d5a6c8b8bb061d1e7 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.x86_64.rpm SHA-256: 0ad047e23d6d00e6b44770045313a577879a500ade8c4a1ecdf7adb300fc9f5c rsync-debugsource-3.4.1-6.el10_2.x86_64.rpm SHA-256: 2f857bb9f8faeb15244b0e6c59cab0da966d42e871ba1c5900fc2a1047b0a51e rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 x86_64 rsync-3.4.1-6.el10_2.x86_64.rpm SHA-256: 18b32d39889e7d7b23c21c3f60fe7860901d4e8855fcf12d5a6c8b8bb061d1e7 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.x86_64.rpm SHA-256: 0ad047e23d6d00e6b44770045313a577879a500ade8c4a1ecdf7adb300fc9f5c rsync-debugsource-3.4.1-6.el10_2.x86_64.rpm SHA-256: 2f857bb9f8faeb15244b0e6c59cab0da966d42e871ba1c5900fc2a1047b0a51e rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for IBM z Systems 10 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 s390x rsync-3.4.1-6.el10_2.s390x.rpm SHA-256: 69232a2c7a4fd3037d28f6f9baa0792326dffaff736f93d5ebeeb337f822ac79 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.s390x.rpm SHA-256: c29a69fa9eb8b1a71439f4828a188a059b0d66b94a7461a859d542f9d1c359a6 rsync-debugsource-3.4.1-6.el10_2.s390x.rpm SHA-256: 226382183c07ffcbc9e4793cae5496682542aac5896c9621147141d1464c0ca8 rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 s390x rsync-3.4.1-6.el10_2.s390x.rpm SHA-256: 69232a2c7a4fd3037d28f6f9baa0792326dffaff736f93d5ebeeb337f822ac79 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.s390x.rpm SHA-256: c29a69fa9eb8b1a71439f4828a188a059b0d66b94a7461a859d542f9d1c359a6 rsync-debugsource-3.4.1-6.el10_2.s390x.rpm SHA-256: 226382183c07ffcbc9e4793cae5496682542aac5896c9621147141d1464c0ca8 rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for Power, little endian 10 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 ppc64le rsync-3.4.1-6.el10_2.ppc64le.rpm SHA-256: a86ea6d066a2d94be2e07ce67447ec90f65f8f2dd22e93510eb0f2a0bcee30e7 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.ppc64le.rpm SHA-256: 16dbc95deb5ca2de2d15f2dc1c64d7dd3c1886ad58fdefa74a68dd6383d05aa0 rsync-debugsource-3.4.1-6.el10_2.ppc64le.rpm SHA-256: e6020ddb64d3a63803953d55f44f9d3d6371980dd5bb631da8d34834d912e93e rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 ppc64le rsync-3.4.1-6.el10_2.ppc64le.rpm SHA-256: a86ea6d066a2d94be2e07ce67447ec90f65f8f2dd22e93510eb0f2a0bcee30e7 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.ppc64le.rpm SHA-256: 16dbc95deb5ca2de2d15f2dc1c64d7dd3c1886ad58fdefa74a68dd6383d05aa0 rsync-debugsource-3.4.1-6.el10_2.ppc64le.rpm SHA-256: e6020ddb64d3a63803953d55f44f9d3d6371980dd5bb631da8d34834d912e93e rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for ARM 64 10 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 aarch64 rsync-3.4.1-6.el10_2.aarch64.rpm SHA-256: dac3a05371b5d185f670f1d2dadfec17c2529ea4afefec97f874608ec50b7879 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.aarch64.rpm SHA-256: b8eda43500d53709fffba9eeab79fb32717d763665f22a049a3f94cbadcea5f9 rsync-debugsource-3.4.1-6.el10_2.aarch64.rpm SHA-256: a0f97cc27f6b8f91fd02b3bdf9b3f2c84d8dfaa88b359c8c82858d70961ca011 rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 aarch64 rsync-3.4.1-6.el10_2.aarch64.rpm SHA-256: dac3a05371b5d185f670f1d2dadfec17c2529ea4afefec97f874608ec50b7879 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.aarch64.rpm SHA-256: b8eda43500d53709fffba9eeab79fb32717d763665f22a049a3f94cbadcea5f9 rsync-debugsource-3.4.1-6.el10_2.aarch64.rpm SHA-256: a0f97cc27f6b8f91fd02b3bdf9b3f2c84d8dfaa88b359c8c82858d70961ca011 rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 aarch64 rsync-3.4.1-6.el10_2.aarch64.rpm SHA-256: dac3a05371b5d185f670f1d2dadfec17c2529ea4afefec97f874608ec50b7879 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79c48197c76cb028dc6f170e0f04ce3ba0377a57e rsync-debuginfo-3.4.1-6.el10_2.aarch64.rpm SHA-256: b8eda43500d53709fffba9eeab79fb32717d763665f22a049a3f94cbadcea5f9 rsync-debugsource-3.4.1-6.el10_2.aarch64.rpm SHA-256: a0f97cc27f6b8f91fd02b3bdf9b3f2c84d8dfaa88b359c8c82858d70961ca011 rsync-rrsync-3.4.1-6.el10_2.noarch.rpm SHA-256: 217eee132ac41225239ee997c96fb6b1a945d3d6fe7c95a1f5a9797280617bac Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 SRPM rsync-3.4.1-6.el10_2.src.rpm SHA-256: 4f4022f5f95df827565a88377fd7c7daff531bc2f61ecd82b7cd6745fb77e697 s390x rsync-3.4.1-6.el10_2.s390x.rpm SHA-256: 69232a2c7a4fd3037d28f6f9baa0792326dffaff736f93d5ebeeb337f822ac79 rsync-daemon-3.4.1-6.el10_2.noarch.rpm SHA-256: 335d19b26bc8263b089651b79

Related Articles

HIGH RHSA-2026:19368: Important: rsync security update Red Hat Errata MEDIUM RHSA-2026:17789: Important: Red Hat build of Cryostat 4.2.0: new RHEL 9 container image security update Red Hat Errata HIGH RHSA-2026:20603: Important: rsync security update Red Hat Errata MEDIUM RHSA-2026:20696: Important: rsync security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn