You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 10158
About this tag
CVE-2025-10158 is a vulnerability in the rsync file-synchronization utility that allows a malicious rsync receiver to trigger an out-of-bounds read of a heap buffer via a negative array index. The issue was fixed upstream in a small commit. Organizations running rsync daemons or allowing untrusted access to rsync modules should prioritize patching and mitigation. This tag covers discussions about the vulnerability, its impact, and remediation steps for Windows and Linux systems using rsync.
A newly disclosed vulnerability in the widely used file-synchronization utility rsync — tracked as CVE-2025-10158 — allows a malicious rsync receiver to induce an out-of-bounds read of a heap buffer by exploiting a negative array index; the issue was fixed upstream in a small commit but remains...