Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-05-20T00:45:28 rsync: Rsync: Denial of Service via malformed HTTP proxy response 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CWE-193

A flaw was found in rsync. A network attacker can exploit an off-by-one out-of-bounds stack write vulnerability in the `establish_proxy_connection()` function by sending a malformed HTTP proxy response. This occurs when the `RSYNC_PROXY` environment variable is set and the attacker sends a response line of 1023 or more bytes without a newline terminator. This can corrupt stack memory, potentially leading to a Denial of Service (DoS).

To mitigate this issue, ensure that the `RSYNC_PROXY` environment variable is not set. If rsync is configured to use an HTTP proxy via this variable, unsetting it will prevent exploitation. To unset the `RSYNC_PROXY` environment variable for the current session, use: `unset RSYNC_PROXY`. For a more permanent solution, ensure that `RSYNC_PROXY` is not defined in system-wide or user-specific environment configuration files. Note that this mitigation will disable rsync's ability to use an HTTP proxy, which may impact functionality if proxy usage is required. Red Hat Enterprise Linux 10 Fix deferred rsync Red Hat Enterprise Linux 6 Fix deferred rsync Red Hat Enterprise Linux 7 Fix deferred rsync Red Hat Enterprise Linux 8 Fix deferred rsync Red Hat Enterprise Linux 9 Fix deferred rsync Red Hat OpenShift Container Platform 4 Fix deferred rhcos https://www.cve.org/CVERecord?id=CVE-2026-45232 https://nvd.nist.gov/vuln/detail/CVE-2026-45232 https://github.com/RsyncProject/rsync/releases/tag/v3.4.3 https://github.com/RsyncProject/rsync/security/advisories/GHSA-8f85-j2cv-59m8 https://www.vulncheck.com/advisories/rsync-off-by-one-stack-write-via-http-proxy