Unknown
CVE-2024-38440
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Netatalk before 3.2.1 has an off-by-one error, and resultant heap-based buffer overflow and segmentation violation, because of incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c. The original issue 1097 report stated: ‘The latest version of Netatalk (v3.2.0) contains a security vulnerability. This vulnerability arises due to a lack of validation for the length field after parsing user-provided data, leading to an out-of-bounds heap write of one byte (\0). Under specific configurations, this can result in reading metadata of the next heap block, potentially causing a Denial of Service (DoS) under certain heap layouts or with ASAN enabled. … The vulnerability is located in the FPLoginExt operation of Netatalk, in the BN_bin2bn function found in /etc/uams/uams_dhx_pam.c … if (!(bn = BN_bin2bn((unsigned char *)ibuf, KEYSIZE, NULL))) … threads … [#0] Id 1, Name: “afpd”, stopped 0x7ffff4304e58 in ?? (), reason: SIGSEGV … [#0] 0x7ffff4304e58 mov BYTE PTR [r14+0x8], 0x0 … mov rdx, QWORD PTR [rsp+0x18] … afp_login_ext(obj=<optimized out>
, ibuf=0x62d000010424 “”, ibuflen=0xffffffffffff0015, rbuf=<optimized out>
, rbuflen=<optimized out>
) … afp_over_dsi(obj=0x5555556154c0 <obj>
).’ 2.4.1 and 3.1.19 are also fixed versions.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
References
Additional Info
Technical Analysis
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: