CVE-2023-42464
Publication date 16 September 2023
Last updated 24 July 2024
Ubuntu priority
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| netatalk | 24.04 LTS noble |
Vulnerable
|
| 22.04 LTS jammy |
Fixed 3.1.12~ds-9ubuntu0.22.04.3
|
|
| 20.04 LTS focal |
Fixed 3.1.12~ds-4ubuntu0.20.04.3
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
Notes
sbeattie
2.x versions and older do not support the spotlight protocol, support introduced in 3.1.0 code affected shares origin with samba's mdssvc.c; this issue is the netatalk version of the samba CVE-2023-34967
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
9.8 · Critical
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-6552-1
- Netatalk vulnerability
- 12 December 2023