CRITICAL🇵🇱 Wersja polska

CVE-2024-38441

CVSS 9.8v3.1pub. 2024-06-16upd. 2025-11-03

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions.

🤖 AI Analysis
How it works

The vulnerability occurs in the afp_mapname function in the file etc/afpd/directory.c, where setting ibuf[len] to a null character ('\0') extends one byte beyond the proper buffer boundary (off-by-one error, CWE-193). This results in writing one byte beyond the allocated heap area, causing a heap-based buffer overflow. Since the vulnerability is accessible over the network without authentication and requires no user interaction, an attacker can send a specially crafted AFP request to the Netatalk service, triggering the vulnerable code path.

Impact

An attacker can gain full control of the system, including access to sensitive data, ability to modify data, and cause service unavailability (high impact on confidentiality, integrity, and availability).

Mitigation & patch

Netatalk should be updated to version 3.2.1, 2.4.1, or 3.1.19 (depending on the branch used). If immediate update is not possible, it is recommended to restrict access to the AFP service (port 548/TCP) exclusively to trusted hosts using a firewall or ACL lists.

Who is affected

Netatalk in versions prior to 3.2.1; patched versions include 2.4.1 and 3.1.19

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Netatalk

    APP
    Netatalk
    3.2.02.0.0 – 2.4.1 (bez)3.0 – 3.1.19 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-38439CRITICAL9.8PL ✓ten sam produkt

Netatalk: heap-based buffer overflow w obsłudze logowania FPLoginExt

CVE-2023-42464CRITICAL9.8ten sam produkt

A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.1...

CVE-2022-43634CRITICAL9.8ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Au...

CVE-2022-23121CRITICAL9.8ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Au...

CVE-2022-23122CRITICAL9.8ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Au...