Skip to main content

Netatalk CVE-2026-44060

| EUVDEUVD-2026-31237 HIGH
Integer Underflow (CWE-191)
2026-05-21 securin GHSA-9vrg-f3g5-fg4c
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
May 21, 2026 - 08:03 vuln.today

DescriptionCVE.org

In Netatalk 1.5.0 through 4.4.2, integer underflow in dsi_writeinit() leads to denial of service. Fixed in 4.4.3.

AnalysisAI

Denial of service in Netatalk versions 1.5.0 through 4.4.2 allows remote unauthenticated attackers to crash the AFP (Apple Filing Protocol) service by exploiting an integer underflow in the dsi_writeinit() function. The flaw is network-reachable with low complexity (CVSS 7.5, AV:N/AC:L/PR:N) and no public exploit identified at time of analysis, though the trivial trigger conditions make exploitation straightforward once a proof-of-concept emerges. Netatalk has resolved the issue in version 4.4.3.

Technical ContextAI

Netatalk is an open-source implementation of the Apple Filing Protocol (AFP) suite, providing file and print services to macOS clients over TCP and historically AppleTalk; it is widely deployed on Linux/BSD NAS appliances and file servers. The Data Stream Interface (DSI) layer wraps AFP messages over TCP, and dsi_writeinit() is part of the routine that initializes the outbound write buffer for DSI packets. The root cause class (CWE-191, Integer Underflow / Wraparound) means an arithmetic operation on a length or size variable drops below zero and wraps to a large unsigned value, leading to out-of-bounds memory operations or invalid buffer state that crashes the daemon. The affected CPE cpe:2.3:a:netatalk:netatalk covers all branches up to and including the 4.4.2 release line.

RemediationAI

Vendor-released patch: Netatalk 4.4.3 - upgrade all instances from any 1.5.0-4.4.2 release to 4.4.3 or later, following the upstream advisory at https://netatalk.io/security/CVE-2026-44060. If immediate patching is not possible, restrict network exposure of the AFP/DSI service (TCP/548) to trusted management networks via host or perimeter firewall rules, which prevents unauthenticated remote triggers at the cost of denying legitimate remote macOS clients on other networks. Where AFP is no longer required because macOS clients have migrated to SMB, disable the afpd service entirely - this fully eliminates the attack surface but breaks any remaining AFP-dependent Time Machine or legacy Finder mounts. For NAS appliances, consult the vendor (e.g., Synology DSM, QNAP QTS, Asustor ADM) for a firmware release that incorporates Netatalk 4.4.3.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Server 12 SP5 Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security Fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP5 Fixed
SUSE Linux Enterprise Desktop 12 Fixed

Share

CVE-2026-44060 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy