[Pkg-netatalk-devel] Bug#1052087: CVE-2023-42464: 0-day vulnerability in afpd Spotlight RPC
Daniel Markstedt
daniel at mindani.net
Sun Sep 17 13:50:23 BST 2023
Package: netatalk
Version: 3.1.12~ds-3
Severity: critical
Tags: security
Justification: root security hole
A 0-day vulnerability patch has been published for the upstream project.
The CVE record has not been made public yet, but this is the body of the
advisory for the record:
A Type Confusion vulnerability was found in the Spotlight RPC functions
in Netatalk's afpd daemon. When parsing Spotlight RPC packets, one
encoded data structure is a key-value style dictionary where the keys
are character strings, and the values can be any of the supported types
in the underlying protocol. Due to a lack of type checking in callers of
the dalloc_value_for_key() function, which returns the object associated
with a key, a malicious actor may be able to fully control the value of
the pointer and theoretically achieve Remote Code Execution on the host.
The underlying code for Spotlight queries in Netatalk shares a common
heritage with Samba, and hence the root cause and fix are logically
identical with those described in CVE-2023-34967.
https://github.com/Netatalk/netatalk/issues/486
-- System Information:
Debian Release: 10.13
APT prefers oldoldstable
APT policy: (500, 'oldoldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to C.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to C.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect
Versions of packages netatalk depends on:
ii libacl1 2.2.53-4
ii libattr1 1:2.4.48-4
ii libavahi-client3 0.7-4+deb10u1
ii libavahi-common3 0.7-4+deb10u1
ii libc6 2.28-10+deb10u1
ii libdb5.3 5.3.28+dfsg1-0.5
ii libdbus-1-3 1.12.20-0+deb10u1
ii libdbus-glib-1-2 0.110-4
ii libgcrypt20 1.8.4-5+deb10u1
ii libglib2.0-0 2.58.3-2+deb10u3
ii libldap-2.4-2 2.4.47+dfsg-3+deb10u7
ii libpam-modules 1.3.1-5
ii libpam0g 1.3.1-5
ii libtalloc2 2.1.14-2
ii libtdb1 1.3.16-2+b1
ii libtracker-sparql-2.0-0 2.1.8-2
ii libwrap0 7.6.q-28
ii lsb-base 10.2019051400
ii netbase 5.6
ii perl 5.28.1-6+deb10u1
Versions of packages netatalk recommends:
ii avahi-daemon 0.7-4+deb10u1
ii dbus 1.12.20-0+deb10u1
ii lsof 4.91+dfsg-1
ii procps 2:3.3.15-2
ii python3 3.7.3-1
ii python3-dbus 1.2.8-3
ii tracker 2.1.8-2
Versions of packages netatalk suggests:
pn quota <none>
-- no debconf information
More information about the pkg-netatalk-devel
mailing list