我們使用 cookie 來幫助我們改善網頁體驗。請閱讀我們的 Cookie 政策

AS-2023-005: Netatalk

2023-06-29

Severity

Moderate

Status

Resolved


Statement

The Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software on the latest release of Netatalk 3.1.13: CVE-2022-43634 and CVE-2022-45188.

  • Netatalk 3.1.13 patch has been updated on ADM 4.2.2.RI61 and ADM 4.0.6.RIS1 to resolve the issue.

Affected Products

Product Severity Fixed Release Availability
ADM 4.2 and 4.1 Moderate Upgrade to ADM 4.2.2.RI61 or above.
ADM 4.0 Moderate Upgrade to 4.0.6.RIS1 or above.

Mitigation

Netatalk provides file access through AFP (Apple Filing Protocol) on ADM. AFP service has been disabled by default since ADM 4.0. We recommend using SMB protocol instead when connecting from macOS.


Detail

  • CVE-2022-43634
    • Severity: Important
    • This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646.
  • CVE-2022-45188
    • Severity: High
    • Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD.

Reference


Revision

Revision Date Description
1 2023-05-17 Initial public release.
2 2023-06-06 Release ADM 4.2.2.RI61 to update Netatalk package for fixing the issue.
3 2023-06-06 Release ADM 4.0.6.RIS1 to update Netatalk package for fixing the issue.