Red Hat RHSA-2026:19368 Security Advisory for rsync (CVE-2024-12086/CVE-2026-41035)

RHSA-2026:19368 - Security Advisory Vulnerability Overview Vulnerability Name: rsync security update Impact Level: Important Vulnerability Description: The rsync utility allows users to copy and synchronize files locally or over a network. rsync synchronization is fast because it only sends the differences between files, rather than sending entire files. The rsync utility is also used as a mirroring tool. Security Fixes: - rsync: rsync server leaks arbitrary client files (CVE-2024-12086) - rsync: Rsync: use-after-free vulnerability in extended attribute handling (CVE-2026-41035) Affected Systems Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Solution Reference Link: https://access.redhat.com/articles/11258 Fix Details BZ - 2320577 - CVE-2024-12086: rsync: rsync server leaks arbitrary client files BZ - 2458038 - CVE-2026-41035: Rsync: use-after-free vulnerability in extended attribute handling CVEs CVE-2024-12086 CVE-2026-41035 References https://access.redhat.com/security/updates/classification#important

Goal Reached Thanks to every supporter — we hit 100%!

Red Hat RHSA-2026:19368 Security Advisory for rsync (CVE-2024-12086/CVE-2026-41035)