The vulnerability of the BNbin2bn function (etc/uams/uams_dhx_pam.c) in the implementation of the Apple File Protocol Netatalk allows a hacker to cause a service failure.

🗓️ 28 Jun 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 5 Views

Vulnerability in BNbin2bn function of Netatalk Apple Filing Protocol causes bucket overflow.

Reporter	Title	Published	Views	Family All 48
AlpineLinux	CVE-2024-38440	16 Jun 202400:00	–	alpinelinux
FreeBSD	netatalk3 -- Multiple vulnerabilities	16 Jun 202400:00	–	freebsd
CNNVD	Netatalk Security Vulnerabilities	16 Jun 202400:00	–	cnnvd
CVE	CVE-2024-38440	16 Jun 202400:00	–	cve
Cvelist	CVE-2024-38440	16 Jun 202400:00	–	cvelist
Debian	[SECURITY] [DLA 3968-1] netatalk security update	27 Nov 202423:46	–	debian
Debian CVE	CVE-2024-38440	16 Jun 202400:00	–	debiancve
Tenable Nessus	Debian dla-3968 : netatalk - security update	27 Nov 202400:00	–	nessus
Tenable Nessus	Fedora 40 : netatalk (2024-900475e0f7)	9 Jul 202400:00	–	nessus
Tenable Nessus	FreeBSD : netatalk3 -- Multiple vulnerabilities (c742dbe8-3704-11ef-9e6e-b42e991fc52e)	1 Jul 202400:00	–	nessus

Vulners

Node

netatalk netatalkMatch3.2.0

Source	Link
github	www.github.com/advisories/GHSA-52mm-rqxx-gfq6
github	www.github.com/Netatalk/netatalk/blob/90d91a9ac9a7d6132ab7620d31c8c23400949206/etc/uams/uams_dhx_pam.c
github	www.github.com/Netatalk/netatalk/issues/1097
security-tracker	www.security-tracker.debian.org/tracker/CVE-2024-38440
vuldb	www.vuldb.com/
github	www.github.com/Netatalk/netatalk/security/advisories/GHSA-mxx4-9fhm-r3w5
web	www.web.nvd.nist.gov/view/vuln/detail

05 Nov 2025 00:00Current

8.1High risk

Vulners AI Score8.1

CVSS 37.5

CVSS 27.8

EPSS0.0088

BNbin2bn vulnerability Netatalk Apple Filing Protocol bucket overflow FPLoginExt parameter service failure