Jump to:

CVE-2022-22995

Jump to:

CVE-2022-22995

Package netatalk updated to version 3.1.18-alt1 for branch sisyphus in task 331160.

Published: 2022-03-26
Modified: 2024-11-21

CVE-2022-22995

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

[debian-lts-announce] 20240104 [SECURITY] [DLA 3706-1] netatalk security update
[debian-lts-announce] 20240104 [SECURITY] [DLA 3706-1] netatalk security update
FEDORA-2023-39f0ec3879
FEDORA-2023-39f0ec3879
FEDORA-2023-ef901c862c
FEDORA-2023-ef901c862c
FEDORA-2023-cec97f7b5d
FEDORA-2023-cec97f7b5d
GLSA-202311-02
GLSA-202311-02
https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities
https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities

Version: 2.1.0

Package netatalk update in sisyphus on 2023-10-07

ALT-PU-2023-6197-1

Closed vulnerabilities

CVE-2022-22995