Rsync is a popular command-line utility for synchronizing files between two locations. It's commonly used in various Linux distributions and server environments to manage file copies. The vulnerability in rsync allows an attacker to write malicious files to arbitrary locations on the client system, potentially leading to data corruption or unauthorized access.
You're affected if you use rsync versions 3.1.0-1 to 3.2.9.
Check with: rsync --version and look for the --inc-recursive option in the output.
Note: Rsync is a command-line tool, so it's not typically used directly by end-users. However, system administrators and developers who use rsync might be affected.
sudo apt-get update && sudo apt-get install rsync--inc-recursive option by setting the RSYNC_IGNORE_EMPTY DirecTORY environment variable to /true.export RSYNC_IGNORE_EMPTY_DIRCTORY=true