Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Fedora 43 Rclone Security Advisory 2026-2bb2aee489 Denial of Service

fedora
Calendar Grey May 11, 2026
Dist Fedora Esm H88
Addressing critical issues in rclone for Fedora 43, including denial of service and unauthorized access vulnerabilities.
Update to 1.74.0

Summary

"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive,

Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex

Files.

Update Information:

Update to 1.74.0

Topics%20covered

Topics Covered

security advisory denial of service fedora local privilege escalation open redirect rclone

Change Log

* Sat May 2 2026 Mikel Olasagasti Uranga - 1.74.0-2 - Fix tests failing with Go 1.25 * Fri May 1 2026 Mikel Olasagasti Uranga - 1.74.0-1 - Update to 1.74.0 - Closes rhbz#2459511

References


[ 1 ] Bug #2441180 - CVE-2025-69725 rclone: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2441180 [ 2 ] Bug #2456042 - CVE-2026-33817 rclone: go.etcd.io/bbolt: Denial of Service via index out-of-range error [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456042 [ 3 ] Bug #2461128 - CVE-2026-41176 rclone: Rclone: Unauthorized access to administrative functions through unauthenticated Remote Control endpoint. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461128 [ 4 ] Bug #2463186 - CVE-2026-3006 rclone: winfsp: Local privilege escalation via race condition and kernel heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2463186 [ 5 ] Bug #2464137 - CVE-2026-41179 rclone: Rclone: Unauthenticated local command execution via exposed RC endpoint [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2bb2aee489' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: rclone
Product: Fedora 43
Version: 1.74.0
Release: 2.fc43
URL: https://github.com/rclone/rclone
Summary: Rsync for cloud storage

Topics%20covered

Topics Covered

security advisory denial of service fedora local privilege escalation open redirect rclone

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here