Headline
Ubuntu Security Notice USN-6552-1
Ubuntu Security Notice 6552-1 - Florent Saudel and Arnaud Gatignol discovered that Netatalk incorrectly handled certain specially crafted Spotlight requests. A remote attacker could possibly use this issue to cause heap corruption and execute arbitrary code.
==========================================================================
Ubuntu Security Notice USN-6552-1
December 12, 2023
netatalk vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Netatalk could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- netatalk: Apple Filing Protocol service
Details:
Florent Saudel and Arnaud Gatignol discovered that Netatalk incorrectly
handled certain specially crafted Spotlight requests. A remote attacker could
possibly use this issue to cause heap corruption and execute arbitrary code.
(CVE-2023-42464)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.04:
netatalk 3.1.14~ds-1ubuntu0.1
Ubuntu 22.04 LTS:
netatalk 3.1.12~ds-9ubuntu0.22.04.3
Ubuntu 20.04 LTS:
netatalk 3.1.12~ds-4ubuntu0.20.04.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6552-1
CVE-2023-42464
Package Information:
https://launchpad.net/ubuntu/+source/netatalk/3.1.14~ds-1ubuntu0.1
https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-9ubuntu0.22.04.3
https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-4ubuntu0.20.04.3
Related news
Debian Linux Security Advisory 5503-1 - Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol (AFP) for offering file service (mainly) to macOS clients, which may result in the execution of arbitrary code or information disclosure.
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967.