CLSA-2026-1776769741

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1776769741.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1776769741
Upstream
Published
2026-04-21T11:09:06Z
Modified
2026-06-01T00:32:20.332143403Z
Summary
rsync: Fix of 3 CVEs
Details
  • CVE-2017-16548: fix heap overread in receive_xattr by enforcing trailing NUL on received xattr names
  • CVE-2017-17434: sanitize xname in readndxandattrs and check daemon filter against fnamecmp in recvfiles
  • CVE-2018-5764: prevent client from resetting protectargs during the second parsearguments pass on the daemon
References

Affected packages

TuxCare:OracleLinux:6 / rsync

Package

Name
rsync
Purl
pkg:rpm/tuxcare/rsync?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.6-12.el6.tuxcare.els7

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1776769741.json"