Primary

Context

Netatalk Heap Over-Read Vulnerability in EA Header Parsing

Vulnerability

Patched

A heap over-read vulnerability has been identified in Netatalk versions 2.1.0 through 4.4.2. This issue arises from the extended attribute header parsing, which improperly trusts on-disk entry metadata without adequately validating it against the available buffer size. The vulnerability is most relevant when local, NFS, Samba, or other non-AFP access can corrupt AppleDouble metadata. While the likely impact involves a crash or memory over-read rather than arbitrary code execution, the flaw has been assigned a low severity.

Impact

Exploitation of this vulnerability leads to a heap over-read, causing a memory over-read issue that could potentially be exploited for a heap-based memory corruption.

Remediation

Users can upgrade to Netatalk version 4.5.0 or later, which includes the necessary patch. Alternatively, for those using Netatalk 4.4.2, the patch can be applied manually by following the instructions available in the Netatalk repository.

Added: May 21, 2026, 8:32 AM

Updated: May 21, 2026, 8:32 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

3.1

exploitability

4.9

remediation

7.9

relevance

9.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

3.1

exploitability

4.9

remediation

7.9

relevance

9.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netatalk Heap Over-Read Vulnerability in EA Header Parsing

Vulnerability

Impact

Remediation

Affected Products

Netatalk

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating