CVE-2026-43617

EUVD-2026-31013
Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing connections from hostnames that administrators intended to deny when reverse DNS resolution fails and defaults to UNKNOWN.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 4.8 MEDIUM | NETWORK | HIGH | NONE | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
EPSS Score
Percentile: 19%
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| samba | rsync | 𝑥 ≤ 3.4.2 |

𝑥 = Vulnerable software versions
Debian Releases
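| Debian Product | Codename | Version | Status |
|---|---|---|---|
| rsync | bookworm | | vulnerable |
| rsync | bookworm (security) | 3.2.7-1+deb12u5 | fixed |
| rsync | bullseye | | vulnerable |
| rsync | bullseye (security) | 3.2.3-4+deb11u4 | fixed |
| rsync | forky | 3.4.4+ds1-1 | fixed |
| rsync | sid | 3.4.4+ds1-1 | fixed |
| rsync | trixie | | vulnerable |
| rsync | trixie (security) | 3.4.1+ds1-5+deb13u3 | fixed |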
Azure Linux Releases
| Azure Package | Release | Version | Status |
|---|---|---|---|
| rsync | Azure Linux 3.0 | 0:3.4.3-1.azl3 | fixed |