Arch linux
This hub aggregates every CVE we track for Arch linux, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 8
- Critical: 2
- High: 2
- In CISA KEV: 0
Severity distribution
- MEDIUM: 4
- HIGH: 2
- CRITICAL: 2
Monthly trend
[Chart: monthly trend, 2024-08 to 2026-07]
Latest CVEs
The 8 most recently published vulnerabilities affecting Arch linux.
- CVE-2024-12084: Rsync: heap buffer overflow in rsync due to improper checksum length handling (9.8)
- CVE-2024-12087: Rsync: path traversal vulnerability in rsync (6.5)
- CVE-2024-12088: Rsync: --safe-links option bypass leads to path traversal (6.5)
- CVE-2024-12086: Rsync: rsync server leaks arbitrary client files (6.1)
- CVE-2024-12085: Rsync: info leak via uninitialized stack contents (7.5)
- CVE-2024-3094: Xz: malicious code in distributed source (10.0)
- CVE-2020-28928: In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow). (5.5)
- CVE-2020-5291: Privilege escalation in setuid mode via user namespaces in Bubblewrap (7.2)
Product normalization is registry-driven with AI assist and human review.