Netatalk Out-of-Bounds Write Vulnerability in Charset Conversion Function

Vulnerability

A high-severity out-of-bounds write vulnerability has been identified in Netatalk versions 2.0.4 through 4.4.2. The issue arises in the 'convert_charset()' function, where improper null termination allows data to be written beyond the allocated buffer. This could lead to memory corruption or cause the process to crash.
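
The bug class described above, as an added illustration that is not Netatalk's code and not part of the advisory: a constructed converter wrapper (all function names here are hypothetical) that writes its terminator at the returned length, beside a hardened form that reserves the terminator's byte first. The destination is followed by a guard byte inside the same array so the stray write can be observed safely.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef size_t (*conv_fn)(const char *, size_t, char *, size_t);

/* Hypothetical stand-in for a charset converter: writes at most dst_len
 * bytes and returns how many it wrote. */
static size_t toy_convert(const char *src, size_t src_len, char *dst, size_t dst_len)
{
    size_t n = src_len < dst_len ? src_len : dst_len;
    memcpy(dst, src, n);
    return n;
}

/* Flawed pattern: when the output fills dst, n == dst_len and the
 * terminator lands one byte past the caller's buffer. */
static size_t convert_flawed(const char *src, size_t src_len, char *dst, size_t dst_len)
{
    size_t n = toy_convert(src, src_len, dst, dst_len);
    dst[n] = '\0';
    return n;
}

/* Hardened pattern: reserve the terminator's byte before converting and
 * reject input that does not fit instead of truncating silently. */
static size_t convert_hardened(const char *src, size_t src_len, char *dst, size_t dst_len)
{
    if (dst_len == 0 || src_len > dst_len - 1)
        return (size_t)-1;
    size_t n = toy_convert(src, src_len, dst, dst_len - 1);
    dst[n] = '\0';
    return n;
}

/* Gives fn an 8-byte destination followed by one guard byte (0xAA, a
 * constructed canary) in the same array, so the overrun is observable. */
static int guard_clobbered(conv_fn fn, const char *src, size_t src_len)
{
    unsigned char arena[8 + 1];
    memset(arena, 0xAA, sizeof arena);
    fn(src, src_len, (char *)arena, 8);
    return arena[8] != 0xAA;
}

int main(void)
{
    printf("flawed clobbers guard: %d, hardened clobbers guard: %d\n",
           guard_clobbered(convert_flawed, "ABCDEFGH", 8),
           guard_clobbered(convert_hardened, "ABCDEFGH", 8));
}
```

The overrun appears only when the converted output exactly fills the destination, which is why this kind of defect can pass tests that use short inputs.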

Impact

Exploitation of this vulnerability can result in memory corruption or a process crash.

Remediation

Users can upgrade to Netatalk version 4.4.3 or later, which includes the necessary patch. Alternatively, the patch can be applied to the Netatalk 4.4.2 source tree. Netatalk administrators are advised to upgrade or apply the patch as soon as possible.

Added: May 21, 2026, 8:45 AM
Updated: May 21, 2026, 8:45 AM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 3.1
exploitability: 4.9
remediation: 7.9
relevance: 9.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.