SecuritySpace - CVE-2024-38440
CVE ID: CVE-2024-38440
Description: Netatalk 3.2.0 has an off-by-one error, and resultant heap-based
buffer overflow and segmentation violation, because of incorrectly
using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c. The original
issue 1097 report stated: 'The latest version of Netatalk (v3.2.0)
contains a security vulnerability. This vulnerability arises due to a
lack of validation for the length field after parsing user-provided
data, leading to an out-of-bounds heap write of one byte (\0). Under
specific configurations, this can result in reading metadata of the
next heap block, potentially causing a Denial of Service (DoS) under
certain heap layouts or with ASAN enabled. ... The vulnerability is
located in the FPLoginExt operation of Netatalk, in the BN_bin2bn
function found in /etc/uams/uams_dhx_pam.c ... if (!(bn =
BN_bin2bn((unsigned char *)ibuf, KEYSIZE, NULL))) ... threads ... [#0]
Id 1, Name: "afpd", stopped 0x7ffff4304e58 in ?? (), reason: SIGSEGV
... [#0] 0x7ffff4304e58 mov BYTE PTR [r14+0x8], 0x0 ... mov rdx, QWORD
PTR [rsp+0x18] ... afp_login_ext(obj=,
ibuf=0x62d000010424 "", ibuflen=0xffffffffffff0015, rbuf=, rbuflen=) ... afp_over_dsi(obj=0x5555556154c0
).'
Test IDs: None available
Cross References:
Common Vulnerability Exposure (CVE) ID: CVE-2024-38440
https://github.com/Netatalk/netatalk/blob/90d91a9ac9a7d6132ab7620d31c8c23400949206/etc/uams/uams_dhx_pam.c#L199-L200
https://github.com/Netatalk/netatalk/issues/1097
© 1998-2025 E-Soft Inc. All rights reserved.