A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
2025-01-14T18:15:25.467
2025-06-20T18:28:57.620
Analyzed
CVSSv3.1: 6.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | samba | rsync | ≤ 3.3.0 | Yes |
| Operating System | almalinux | almalinux | 8.0 | Yes |
| Operating System | almalinux | almalinux | 9.0 | Yes |
| Operating System | almalinux | almalinux | 10.0 | Yes |
| Operating System | archlinux | arch_linux | - | Yes |
| Operating System | gentoo | linux | - | Yes |
| Operating System | nixos | nixos | < 24.11 | Yes |
| Operating System | suse | suse_linux | - | Yes |
| Operating System | tritondatacenter | smartos | < 20250123 | Yes |
| Operating System | redhat | enterprise_linux | 8.0 | Yes |
| Operating System | redhat | enterprise_linux | 9.0 | Yes |
| Operating System | redhat | enterprise_linux_eus | 9.6 | Yes |
| Operating System | redhat | enterprise_linux_for_arm_64 | 8.0_aarch64 | Yes |
| Operating System | redhat | enterprise_linux_for_arm_64 | 9.0_aarch64 | Yes |
| Operating System | redhat | enterprise_linux_for_arm_64_eus | 9.6_aarch64 | Yes |
| Operating System | redhat | enterprise_linux_for_ibm_z_systems | 8.0_s390x | Yes |
| Operating System | redhat | enterprise_linux_for_ibm_z_systems | 9.0_s390x | Yes |
| Operating System | redhat | enterprise_linux_for_ibm_z_systems_eus | 9.6_s390x | Yes |
| Operating System | redhat | enterprise_linux_for_power_little_endian | 8.0_ppc64le | Yes |
| Operating System | redhat | enterprise_linux_for_power_little_endian | 9.0_ppc64le | Yes |
| Operating System | redhat | enterprise_linux_for_power_little_endian_eus | 9.6_ppc64le | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 9.6 | Yes |
| Operating System | redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.6_ppc64le | Yes |
| Operating System | redhat | enterprise_linux_update_services_for_sap_solutions | 9.6 | Yes |