netatalk.io

Netatalk Security Advisory

Subject
Arbitrary code execution in afp_getappl
CVE ID
CVE-2022-45188
Date of Publishing
2023/03/26 advisory published retroactively; date is approximate
Affected Netatalk Versions
3.0.0 - 3.1.14
1.5.0 - 2.2.8
Summary
Heap-based buffer overflow resulting in code execution via a crafted .appl file

Description

Netatalk has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (demonstrated on TrueNAS).

Patch Availability

Apply the patch with git hash dfab568 to hotfix your local Netatalk deployment.

Additionally, Netatalk 3.1.15 and 2.2.9 have been released which contains the security patch. Netatalk administrators are advised to upgrade to this version or apply the patch as soon as possible.

CVSS Calculation

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (7.8)

Workaround

None.

Credits

Vulnerability found and reported by:
rushbnt
Patch developed by:
dgsga of the Netatalk team

Go back to Support