Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:4360-1

Опубликовано: 08 дек. 2022
Источник: suse-cvrf

Описание

Security update for netatalk

This update for netatalk fixes the following issues:

  • CVE-2022-45188: Fixed heap-based buffer overflow in afp_getappl() (bsc#1205393).

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5
libatalk12-3.1.0-3.11.1
netatalk-3.1.0-3.11.1
netatalk-devel-3.1.0-3.11.1
SUSE Linux Enterprise Workstation Extension 12 SP5
libatalk12-3.1.0-3.11.1
netatalk-3.1.0-3.11.1

Описание

Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).


Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libatalk12-3.1.0-3.11.1
SUSE Linux Enterprise Software Development Kit 12 SP5:netatalk-3.1.0-3.11.1
SUSE Linux Enterprise Software Development Kit 12 SP5:netatalk-devel-3.1.0-3.11.1
SUSE Linux Enterprise Workstation Extension 12 SP5:libatalk12-3.1.0-3.11.1

Ссылки
Уязвимость SUSE-SU-2022:4360-1