Skip to main content

Netatalk CVE-2026-44064

| EUVDEUVD-2026-31240 HIGH
Out-of-bounds Read (CWE-125)
2026-05-21 securin GHSA-4pvp-5874-59c5
7.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.1 HIGH
AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
SUSE
HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
May 21, 2026 - 08:04 vuln.today

DescriptionCVE.org

In Netatalk 1.3 through 4.4.2, asp session id out-of-bounds access. Fixed in 4.4.3.

AnalysisAI

Out-of-bounds read in Netatalk versions 1.3 through 4.4.2 allows adjacent network attackers to trigger denial of service and potentially disclose memory contents via malformed ASP (AppleTalk Session Protocol) session IDs. The flaw, classified as CWE-125, was fixed in version 4.4.3, and no public exploit identified at time of analysis. CVSS 7.1 reflects an adjacent-network attack vector with no privileges required and a high availability impact.

Technical ContextAI

Netatalk is an open-source implementation of the Apple Filing Protocol (AFP) suite, providing file and print services to macOS and classic Mac clients on Unix-like systems. The vulnerability resides in the handling of ASP (AppleTalk Session Protocol) session identifiers, where the daemon performs an out-of-bounds memory read (CWE-125) when processing a crafted session ID. The CPE cpe:2.3:a:netatalk:netatalk:* covers all Netatalk builds in the 1.3-4.4.2 lineage, indicating the defect persisted across a long span of releases in the session-management code path.

RemediationAI

Vendor-released patch: Netatalk 4.4.3 - upgrade afpd/atalkd packages to 4.4.3 or later as referenced in the advisory at https://netatalk.io/security/CVE-2026-44064. Where immediate patching is not possible, restrict reachability to the AFP/ASP service (TCP 548 and any legacy AppleTalk transports) using host firewalls or segment ACLs so that only trusted client subnets can reach the daemon, which neutralizes the adjacent-network attack vector at the cost of breaking Mac client connectivity from untrusted segments. On NAS appliances or distributions that have not yet shipped a 4.4.3-based package, disable the Netatalk/AFP service entirely and migrate clients to SMB (macOS has supported SMB as the default for years), accepting the loss of legacy AppleTalk/Time Machine-over-AFP features.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Server 12 SP5 Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security Fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP5 Fixed
SUSE Linux Enterprise Desktop 12 Fixed

Share

CVE-2026-44064 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy