Red Hat Product Errata RHSA-2026:20601 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20601 - Security Advisory Overview Updated Packages Synopsis Important: rsync security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for rsync is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fix(es): rsync: Rsync: Use-after-free vulnerability in extended attribute handling (CVE-2026-41035) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2458898 - CVE-2026-41035 rsync: Rsync: Use-after-free vulnerability in extended attribute handling CVEs CVE-2026-41035 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM rsync-3.2.3-9.el9_0.5.src.rpm SHA-256: 32db592fd77552277713eebc6415785831243efc767cd46e504dbdae7c385192 ppc64le rsync-3.2.3-9.el9_0.5.ppc64le.rpm SHA-256: 685a62e996318405770b8213439394d680209328a92267b82fa97a3359e70f93 rsync-daemon-3.2.3-9.el9_0.5.noarch.rpm SHA-256: 188ccb29bab35f72bb77d28fefc00c1c0152ba17c78bc220e65b985bd5fecef8 rsync-debuginfo-3.2.3-9.el9_0.5.ppc64le.rpm SHA-256: 73a504fba306db86ba5f40543a726281913193057668d35bcd7f248f87e76e69 rsync-debugsource-3.2.3-9.el9_0.5.ppc64le.rpm SHA-256: a6342960ef0f945bbed7438496e8aff3fe826cb811445b5443b0db7298b27c7b Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM rsync-3.2.3-9.el9_0.5.src.rpm SHA-256: 32db592fd77552277713eebc6415785831243efc767cd46e504dbdae7c385192 x86_64 rsync-3.2.3-9.el9_0.5.x86_64.rpm SHA-256: 1f6bef1869c29bfebc7ec8b780ffee85a146fcdf0c9d43442a8d44e67a741583 rsync-daemon-3.2.3-9.el9_0.5.noarch.rpm SHA-256: 188ccb29bab35f72bb77d28fefc00c1c0152ba17c78bc220e65b985bd5fecef8 rsync-debuginfo-3.2.3-9.el9_0.5.x86_64.rpm SHA-256: 09f6726e3e69f524e17f250b38da053c4a148aad5f6d128e9d88305066a2484c rsync-debugsource-3.2.3-9.el9_0.5.x86_64.rpm SHA-256: 28f143833e5129282b2d7b2c67f891e476cd9af13e43fe014c03a786ff86552a Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 SRPM rsync-3.2.3-9.el9_0.5.src.rpm SHA-256: 32db592fd77552277713eebc6415785831243efc767cd46e504dbdae7c385192 aarch64 rsync-3.2.3-9.el9_0.5.aarch64.rpm SHA-256: a006e2d20ed7cb84c44fb79943cf720ee28dfddddd6c271ffbf9c40c2de96c4c rsync-daemon-3.2.3-9.el9_0.5.noarch.rpm SHA-256: 188ccb29bab35f72bb77d28fefc00c1c0152ba17c78bc220e65b985bd5fecef8 rsync-debuginfo-3.2.3-9.el9_0.5.aarch64.rpm SHA-256: 649f3900962703619b97d712cb87ac1d7458371e5d612bdb959e78fe73133549 rsync-debugsource-3.2.3-9.el9_0.5.aarch64.rpm SHA-256: 2f4594eb5c338d2cf29a03c4a4d42dab0d77c5c6d1ab7bdebe3176ba3e23d1e1 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 SRPM rsync-3.2.3-9.el9_0.5.src.rpm SHA-256: 32db592fd77552277713eebc6415785831243efc767cd46e504dbdae7c385192 s390x rsync-3.2.3-9.el9_0.5.s390x.rpm SHA-256: db31ef3095e66b36606da31d1cadbd4962e000e5a51d331b3222945a69c05ab1 rsync-daemon-3.2.3-9.el9_0.5.noarch.rpm SHA-256: 188ccb29bab35f72bb77d28fefc00c1c0152ba17c78bc220e65b985bd5fecef8 rsync-debuginfo-3.2.3-9.el9_0.5.s390x.rpm SHA-256: 828a50a84106b39cb59aef8800b660d9324e56631235d4331f57b9afadf0db23 rsync-debugsource-3.2.3-9.el9_0.5.s390x.rpm SHA-256: 9fba9f7f281c52a690ccb5a878454b1ddb65da02e02c11b3b678742d05304a8c The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .