CNNVD-202512-2613 Information

CNNVD ID

CNNVD-202512-2613

Related CVE

CVE-2025-67901

• CNNVD Published: 2025-12-15

Description (Chinese)

openrsync是Kristaps Dz个人开发者的一个文件同步库。 openrsync 0.5.0及之前版本存在安全漏洞，该漏洞源于客户端可指定零长度块数据导致服务器SIGSEGV。

Description (English)

Openrsync is a file sync library of Kristaps Dz personal developers. Openrsync 0.5.0 and previous versions have a security loophole, which stems from the fact that the client can specify zero-long block data leading to the SIGEV server.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-15

Last Modified

2026-02-24

References

https://github.com/openbsd/src/blob/60b9c3dff1abf933e85e3c4d96b54201ee947513/usr.bin/rsync/blocks.c#L480-L481 https://github.com/kristapsdz/openrsync/issues/34 https://access.redhat.com/security/cve/cve-2025-67901