CVE-2024-38441

Опубликовано: 16 июн. 2024

Источник: ubuntu

Приоритет: medium

CVSS3: 9.8

Описание

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions.

Релиз	Статус	Примечание
devel	not-affected
esm-apps/bionic	released	2.2.6-1ubuntu0.18.04.2+esm2
esm-apps/focal	released	3.1.12~ds-4ubuntu0.20.04.4
esm-apps/jammy	released	3.1.12~ds-9ubuntu0.22.04.4
esm-apps/noble	released	3.1.18~ds-1ubuntu0.1~esm1
esm-apps/xenial	released	2.2.5-1ubuntu0.2+esm2
esm-infra-legacy/trusty	released	2.2.2-1ubuntu2.2+esm2
focal	released	3.1.12~ds-4ubuntu0.20.04.4
jammy	released	3.1.12~ds-9ubuntu0.22.04.4
mantic	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2024-38441

CVSS3: 9.8

nvd

больше 1 года назад

CVE-2024-38441

CVSS3: 9.8

debian

больше 1 года назад

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based ...

GHSA-j764-4v6h-pqp7

CVSS3: 9.8

github

больше 1 года назад

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/afp/directory.c.

SUSE-SU-2024:2301-1

suse-cvrf

больше 1 года назад

Security update for netatalk

9.8 Critical

CVSS3

CVE-2024-38441

Описание

Пакет netatalk

Ссылки на источники

Связанные уязвимости