Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 436
Alerts This Week
Warning Icon 1 436

Ubuntu 20.04 LTS: USN-5359-2 Moderate: Mitigation for Rsync Flaw

ubuntu
Calendar Grey March 31, 2022
Dist Ubuntu Esm H88
The exploit in Rsync may lead to system crashes or arbitrary code execution via specially designed network packets on Ubuntu installations.
rsync could be made to crash or run programs if it received specially crafted network traffic.

Summary

rsync could be made to crash or run programs if it received specially

crafted network traffic.

Software Description:

- rsync: fast, versatile, remote (and local) file-copying tool

Details:

Danilo Ramos discovered that rsync incorrectly handled memory when

performing certain zlib deflating operations. An attacker could use this

issue to cause rsync to crash, resulting in a denial of service, or

possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  rsync                           3.1.3-8ubuntu0.3

Ubuntu 18.04 LTS:
  rsync                           3.1.2-2.1ubuntu1.4

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5359-1

CVE-2018-25032

March 31, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.