netatalk.io

Netatalk Security Advisory

Subject: Out-of-bounds write in convert_charset() null termination
CVE ID: CVE-2026-44049
Severity: High
Disclosure Date: 2026/05/13
Affected Versions: 2.0.4 - 4.4.2
Summary: Charset conversion writes two null bytes past the destination buffer when converted output exactly fills the caller-supplied length

Description

Charset conversion writes its two-byte null terminator past the end of a caller-provided destination buffer when the converted output exactly fills the available space. An authenticated client may be able to trigger memory corruption or a process crash.
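The following is an added illustration of this bug class, written for this advisory and not taken from Netatalk's convert_charset(): a simplified ASCII-to-UCS-2LE converter that bounds-checks every converted character but appends its two-byte terminator unconditionally, shown beside a form that applies the same bound to the terminator. The function names, the 8-byte window and the 0xAA guard pattern are constructed for the demonstration; running the unchecked converter against a window inside a larger backing buffer keeps the out-of-bounds write observable without undefined behaviour.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example, not Netatalk code: ASCII -> UCS-2LE with a two-byte
 * null terminator, mirroring the "exactly full output" failure mode. */

/* Vulnerable form: each character is checked against outlen, but the
 * terminator is not. When the converted data exactly fills outlen, the two
 * terminator bytes land at out[outlen] and out[outlen + 1]. */
long convert_unchecked(const char *in, size_t inlen, char *out, size_t outlen)
{
    size_t o = 0;
    for (size_t i = 0; i < inlen; i++) {
        if (o + 2 > outlen)
            return -1;          /* converted data does not fit */
        out[o++] = in[i];       /* low byte */
        out[o++] = 0;           /* high byte (ASCII subset only) */
    }
    out[o] = 0;                 /* BUG: no check that 2 bytes remain */
    out[o + 1] = 0;
    return (long)o;
}

/* Hardened form: the terminator is subject to the same bound as the data,
 * and a full buffer is reported to the caller instead of being overrun. */
long convert_checked(const char *in, size_t inlen, char *out, size_t outlen)
{
    size_t o = 0;
    for (size_t i = 0; i < inlen; i++) {
        if (o + 2 > outlen)
            return -1;
        out[o++] = in[i];
        out[o++] = 0;
    }
    if (o + 2 > outlen)
        return -1;              /* no room for the terminator: do not write it */
    out[o] = 0;
    out[o + 1] = 0;
    return (long)o;
}

typedef long (*converter_fn)(const char *, size_t, char *, size_t);

/* Run a converter against an 8-byte window at the start of a 16-byte backing
 * buffer, telling it only 8 bytes are available, and count how many guard
 * bytes beyond that window were modified. The converter's return value is
 * passed back through *ret. */
int guard_bytes_clobbered(converter_fn fn, const char *in, size_t inlen, long *ret)
{
    char backing[16];
    memset(backing, 0xAA, sizeof backing);      /* guard pattern */
    *ret = fn(in, inlen, backing, 8);
    int clobbered = 0;
    for (size_t i = 8; i < sizeof backing; i++)
        if ((unsigned char)backing[i] != 0xAA)
            clobbered++;
    return clobbered;
}

int main(void)
{
    long ret;
    /* "abcd" converts to exactly 8 bytes: the boundary case from the advisory */
    int n = guard_bytes_clobbered(convert_unchecked, "abcd", 4, &ret);
    printf("unchecked: ret=%ld, guard bytes modified=%d\n", ret, n);
    n = guard_bytes_clobbered(convert_checked, "abcd", 4, &ret);
    printf("checked:   ret=%ld, guard bytes modified=%d\n", ret, n);
    return 0;
}
```

The boundary input is a string whose converted form is exactly as long as the caller's buffer: the unchecked converter reports success and writes two bytes beyond the window, while the checked one returns an error and leaves the guard bytes untouched. A reviewer auditing a converter for this pattern should look for any terminator write that is not preceded by the same remaining-space check the data path uses.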

Patch Availability

Apply CVE-2026-44049.patch to a Netatalk 4.4.2 source tree to hotfix your local Netatalk deployment.

Alternatively, upgrade to Netatalk 4.4.3 or later, which includes the patch.

Netatalk administrators are advised to upgrade to this version or apply the patch as soon as possible.

CVSS Calculation

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (7.5)

Workaround

Restrict AFP access to trusted clients until patched.

Credits

Vulnerability reported by:

@00redbeer

Patch developed by:

Daniel Markstedt of the Netatalk team
