CVE-2024-38441

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-38441

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38441.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-38441

Downstream

DEBIAN-CVE-2024-38441

DLA-3968-1

SUSE-SU-2024:2301-1

UBUNTU-CVE-2024-38441

USN-7347-1

Related

GHSA-mj6v-cr68-mj9q
MGASA-2024-0259
SUSE-SU-2024:2301-1

Published

2024-06-16T13:15:53Z

Modified

2025-09-19T15:03:28.310286Z

Summary

[none]

Details

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions.

References

Affected packages

Git / github.com/netatalk/netatalk

Affected ranges

Type: GIT
Repo: https://github.com/netatalk/netatalk
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1f9fce6aca3683a8030d23ec2de1aa6051f8ebd7

Affected versions

Other

netatalk-2-2-10

netatalk-2-2-6

netatalk-2-2-7

netatalk-2-2-8

netatalk-2-2-9

netatalk-2-3-0

netatalk-2-3-1

netatalk-2-3-2

netatalk-2-4-0