Netatalk Stack Buffer Overflow Vulnerability in Desktop Metadata Processing

Vulnerability

A stack buffer overflow vulnerability has been identified in Netatalk versions 1.3 through 4.2.2. The issue arises in the 'desktop.c' file, where the application improperly handles long directory entry names, allowing them to overflow a small stack buffer. This vulnerability could lead to a denial-of-service condition. The practical impact may vary depending on whether an authenticated user can manipulate the affected metadata to trigger ownership or mode updates.
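
The bug class described above, shown as an added example that is not Netatalk's code or its patch: a bounded join of a directory name and an entry name that fails on overlong input instead of overflowing or truncating. The buffer size, function names and sample names are assumptions constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical buffer size for illustration; not taken from Netatalk. */
#define SMALL_BUF 16

/* Unchecked pattern behind this bug class (comment only, not compiled):
 *     char buf[SMALL_BUF];
 *     strcpy(buf, dir_name);
 *     strcat(buf, "/");
 *     strcat(buf, entry_name);   // writes past buf when names are long
 */

/* Build "dir/entry" in dst. Returns 0 on success; returns -1 and sets
 * errno when the result would not fit, leaving dst as an empty string. */
int join_entry(char *dst, size_t dstsz, const char *dir, const char *entry)
{
    int n;
    if (dst == NULL || dstsz == 0 || dir == NULL || entry == NULL) {
        errno = EINVAL;
        return -1;
    }
    n = snprintf(dst, dstsz, "%s/%s", dir, entry);
    if (n < 0 || (size_t)n >= dstsz) {
        dst[0] = '\0';          /* never pass a truncated path to chmod/chown */
        errno = ENAMETOOLONG;
        return -1;
    }
    return 0;
}

/* Run join_entry over a list of entry names; returns how many were rejected. */
int count_rejected(const char *dir, const char *const *names, size_t count)
{
    char buf[SMALL_BUF];
    int rejected = 0;
    for (size_t i = 0; i < count; i++)
        if (join_entry(buf, sizeof buf, dir, names[i]) != 0)
            rejected++;
    return rejected;
}

int main(void)
{
    /* Constructed sample names; the last one cannot fit in SMALL_BUF. */
    const char *const names[] = { "a", "icon.db", "name-far-too-long-for-the-buffer" };
    printf("rejected: %d\n", count_rejected("ab", names, 3));
    return 0;
}
```

Rejecting the entry outright matters as much as the bound itself: a silently truncated path could point an ownership or mode change at the wrong file.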

Impact

Exploitation of this vulnerability causes a stack buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition, depending on the context of the overflow.

Remediation

Users can upgrade to Netatalk version 4.5.0 or later, which includes the necessary patch. Alternatively, the patch can be applied to a Netatalk 4.4.2 source tree to hotfix the vulnerability.

Added: May 21, 2026, 8:41 AM
Updated: May 21, 2026, 8:41 AM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 5.0
exploitability: 4.9
remediation: 7.9
relevance: 9.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.