Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2024-38440

Disclosure Date: June 16, 2024 •

CVE-2024-38440

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Netatalk before 3.2.1 has an off-by-one error, and resultant heap-based buffer overflow and segmentation violation, because of incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c. The original issue 1097 report stated: ‘The latest version of Netatalk (v3.2.0) contains a security vulnerability. This vulnerability arises due to a lack of validation for the length field after parsing user-provided data, leading to an out-of-bounds heap write of one byte (\0). Under specific configurations, this can result in reading metadata of the next heap block, potentially causing a Denial of Service (DoS) under certain heap layouts or with ASAN enabled. … The vulnerability is located in the FPLoginExt operation of Netatalk, in the BN_bin2bn function found in /etc/uams/uams_dhx_pam.c … if (!(bn = BN_bin2bn((unsigned char *)ibuf, KEYSIZE, NULL))) … threads … [#0] Id 1, Name: “afpd”, stopped 0x7ffff4304e58 in ?? (), reason: SIGSEGV … [#0] 0x7ffff4304e58 mov BYTE PTR [r14+0x8], 0x0 … mov rdx, QWORD PTR [rsp+0x18] … afp_login_ext(obj=<optimized out>, ibuf=0x62d000010424 “”, ibuflen=0xffffffffffff0015, rbuf=<optimized out>, rbuflen=<optimized out>) … afp_over_dsi(obj=0x5555556154c0 <obj>).’ 2.4.1 and 3.1.19 are also fixed versions.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

References

Canonical

CVE-2024-38440 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38440)

Miscellaneous

https://github.com/Netatalk/netatalk/issues/1097

https://github.com/Netatalk/netatalk/blob/90d91a9ac9a7d6132ab7620d31c8c23400949206/etc/uams/uams_dhx_pam.c#L199-L200

https://github.com/Netatalk/netatalk/security/advisories/GHSA-mxx4-9fhm-r3w5

https://netatalk.io/security/CVE-2024-38440

Rapid7

Unknown

CVE-2024-38440

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-38440

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-38440

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-38440

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification