VDB
RHSA-2026%3A29197
RHSA-2026%3A29197
PUBLISHED
CVSS 6.099999904632568 MEDIUM
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
Risk Scores
CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | registry.redhat.io/discovery/discovery-ui-rhel9@sha256:16b33ed961e598805d155db8fea7bb293fb8ef95ddd45169c61fbeb5a8944b6b_amd64 as a component of Red Hat Discovery 2 | * |
| Red Hat | registry.redhat.io/discovery/discovery-ui-rhel9@sha256:335f5d49155804969d193c3104fd144d7e499e2d5433965b217f379cbcf1cc75_arm64 as a component of Red Hat Discovery 2 | * |
| Red Hat | registry.redhat.io/discovery/discovery-server-rhel9@sha256:6a26bc89c61e7fad594399ceda8e170d66fa241d818eada7a12d9fec6bb08ecc_amd64 as a component of Red Hat Discovery 2 | * |
| Red Hat | registry.redhat.io/discovery/discovery-server-rhel9@sha256:ccd969d2710875e82896556e7b3c02e39147d03612452af6b0a916b656ce5b34_arm64 as a component of Red Hat Discovery 2 | * |
Timeline
- Jun 24, 2026 CVE Published
- Jun 30, 2026 CVE Updated
- Jun 30, 2026 Distribution Patch
- Jun 30, 2026 Distribution Patch
- Jun 30, 2026 Security Advisory
- Jun 30, 2026 Security Advisory
- Jun 30, 2026 Security Advisory
- Jun 30, 2026 Security Advisory
- Jun 30, 2026 Security Advisory
- Jun 30, 2026 Security Advisory
- Jun 30, 2026 Security Advisory
- Jun 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2026:29197 advisory
- https://access.redhat.com/security/cve/CVE-2024-12086 advisory
- https://access.redhat.com/security/cve/CVE-2025-14087 advisory
- https://access.redhat.com/security/cve/CVE-2025-14512 advisory
- https://access.redhat.com/security/cve/CVE-2026-28390 advisory
- https://access.redhat.com/security/cve/CVE-2026-29518 advisory
- https://access.redhat.com/security/cve/CVE-2026-33845 advisory
- https://access.redhat.com/security/cve/CVE-2026-33846 advisory
- https://access.redhat.com/security/cve/CVE-2026-34180 advisory
- https://access.redhat.com/security/cve/CVE-2026-34181 advisory
- https://access.redhat.com/security/cve/CVE-2026-34182 advisory
- https://access.redhat.com/security/cve/CVE-2026-34183 advisory
- https://access.redhat.com/security/cve/CVE-2026-3832 advisory
- https://access.redhat.com/security/cve/CVE-2026-3833 advisory
- https://access.redhat.com/security/cve/CVE-2026-40355 advisory
- https://access.redhat.com/security/cve/CVE-2026-40356 advisory
- https://access.redhat.com/security/cve/CVE-2026-4046 advisory
- https://access.redhat.com/security/cve/CVE-2026-41035 advisory
- https://access.redhat.com/security/cve/CVE-2026-42009 advisory
- https://access.redhat.com/security/cve/CVE-2026-42010 advisory
…and 250 more