Netatalk Security Advisory
- Subject
- Arbitrary code execution in afp_getappl
- CVE ID
- CVE-2022-45188
- Date of Publishing
- 2023/03/26 advisory published retroactively; date is approximate
- Affected Netatalk Versions
- 3.0.0 - 3.1.14
- 1.5.0 - 2.2.8
- Summary
- Heap-based buffer overflow resulting in code execution via a crafted .appl file
Description
Netatalk has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (demonstrated on TrueNAS).
Patch Availability
Apply the patch with git hash dfab568 to hotfix your local Netatalk deployment.
Additionally, Netatalk 3.1.15 and 2.2.9 have been released which contains the security patch. Netatalk administrators are advised to upgrade to this version or apply the patch as soon as possible.
CVSS Calculation
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (7.8)
Workaround
None.
Credits
- Vulnerability found and reported by:
- rushbnt
- Patch developed by:
- dgsga of the Netatalk team
