CVE-2026-41035

Source
https://cve.org/CVERecord?id=CVE-2026-41035
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41035.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-41035
Published
2026-04-16T06:53:05.237Z
Modified
2026-05-28T18:29:20.798712125Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Summary
[none]
Details

In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable.

Database specific
{
    "cwe_ids": [
        "CWE-130"
    ],
    "cna_assigner": "mitre",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41035.json"
}

Affected packages

Git / git.samba.org/rsync.git/

Affected ranges

Type
GIT
Repo
https://git.samba.org/rsync.git/
Events
Introduced
325c243210cdb3e8467e78f673043661f86fdf74
Last affected
3305a7a063ab0167cab5bf7029da53abaa9fdb6e
Database specific
{
    "cpe": "cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "3.0.1"
        },
        {
            "last_affected": "3.4.1"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

v3.*
v3.0.1
v3.0.2
v3.0.3
v3.0.3pre1
v3.0.3pre2
v3.0.3pre3
v3.1.0
v3.1.0pre1
v3.1.1
v3.1.1pre1
v3.1.1pre2
v3.1.2
v3.1.2pre1
v3.1.3
v3.1.3pre1
v3.2.0
v3.2.0pre1
v3.2.0pre2
v3.2.0pre3
v3.2.1
v3.2.1pre1
v3.2.2
v3.2.2pre1
v3.2.2pre2
v3.2.2pre3
v3.2.3
v3.2.3pre1
v3.2.4
v3.2.4pre1
v3.2.4pre2
v3.2.4pre3
v3.2.4pre4
v3.2.5
v3.2.5pre1
v3.2.5pre2
v3.2.6
v3.2.7
v3.2.7pre1
v3.3.0
v3.3.0pre1
v3.4.0
v3.4.1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41035.json"

Git / github.com/rsyncproject/rsync

Affected ranges

Type
GIT
Repo
https://github.com/rsyncproject/rsync
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "3.0.1"
        },
        {
            "last_affected": "3.4.1"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

v3.*
v3.0.1
v3.0.2
v3.0.3
v3.0.3pre1
v3.0.3pre2
v3.0.3pre3
v3.1.0
v3.1.0pre1
v3.1.1
v3.1.1pre1
v3.1.1pre2
v3.1.2
v3.1.2pre1
v3.1.3
v3.1.3pre1
v3.2.0
v3.2.0pre1
v3.2.0pre2
v3.2.0pre3
v3.2.1
v3.2.1pre1
v3.2.2
v3.2.2pre1
v3.2.2pre2
v3.2.2pre3
v3.2.3
v3.2.3pre1
v3.2.4
v3.2.4pre1
v3.2.4pre2
v3.2.4pre3
v3.2.4pre4
v3.2.5
v3.2.5pre1
v3.2.5pre2
v3.2.6
v3.2.7
v3.2.7pre1
v3.3.0
v3.3.0pre1
v3.4.0
v3.4.1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41035.json"