Netatalk Stack Buffer Overflow Vulnerability in Charset Conversion Function

Vulnerability

A stack buffer overflow vulnerability has been identified in Netatalk versions 2.0.4 through 4.4.2. This issue arises from a type confusion related to UCS-2 encoding in the 'convert_charset()' function, allowing for potential memory corruption. An authenticated client could exploit this vulnerability, possibly leading to a process crash or more extensive memory corruption.

Impact

Exploitation of this vulnerability can cause a process crash, with the potential for more severe memory corruption effects.

Remediation

Users can upgrade to Netatalk version 4.4.3 or later, which includes the necessary patch. Alternatively, the patch can be applied to a Netatalk 4.4.2 source tree.
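
The following shell functions are an added example, not part of the original advisory or of the Netatalk project. They triage a reported version string against the affected range stated above (2.0.4 through 4.4.2). The function names and the sample inputs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: first-pass triage of a Netatalk version string against the
# affected range given in the advisory. Function names are hypothetical.
FIRST_AFFECTED="2.0.4"   # first affected release, from the advisory
LAST_AFFECTED="4.4.2"    # last affected release, from the advisory

# Pull the first dotted numeric version out of a string, so a packaging
# suffix such as "~ds-8" or a leading program name is ignored.
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)\{1,3\}\).*/\1/p'
}

# Compare two dotted versions field by field as integers.
# Prints -1, 0 or 1. Missing fields count as 0 (so 4.4 equals 4.4.0).
ver_cmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"
        if [ "$a" = "$x" ]; then a=""; else a="${a#*.}"; fi
        if [ "$b" = "$y" ]; then b=""; else b="${b#*.}"; fi
        x="${x:-0}"; y="${y:-0}"
        if [ "$x" -lt "$y" ]; then echo -1; return 0; fi
        if [ "$x" -gt "$y" ]; then echo 1; return 0; fi
    done
    echo 0
}

# Exit status: 0 = inside the affected range, 1 = outside, 2 = unparseable.
# A distribution package may carry a backported fix without changing the
# upstream version, so status 0 means "verify the patch level", not proof.
netatalk_affected() {
    v=$(extract_version "$1")
    [ -n "$v" ] || return 2
    [ "$(ver_cmp "$v" "$FIRST_AFFECTED")" -ge 0 ] &&
        [ "$(ver_cmp "$v" "$LAST_AFFECTED")" -le 0 ]
}

# Optional command-line use: pass the version string as the first argument.
if [ "$#" -gt 0 ]; then
    rc=0; netatalk_affected "$1" || rc=$?
    case "$rc" in
        0) echo "$1: in affected range, upgrade to 4.4.3 or later" ;;
        1) echo "$1: outside affected range" ;;
        *) echo "$1: could not parse a version" ;;
    esac
fi
```

The version string has to be supplied by the operator, for example from the package manager or build records; strip any packaging epoch prefix before passing it in.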

Added: May 21, 2026, 8:46 AM
Updated: May 21, 2026, 8:46 AM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 1.9
exploitability: 4.9
remediation: 7.9
relevance: 9.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.