CVE-2023-42464

2023-09-2015:15:11

Google

osv.dev

spotlight rpc

afpd

netatalk 3.1.x

type confusion

remote code execution

cve-2023-42464

vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

0.041 Low

EPSS

Percentile

92.1%

JSON

A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967.

CPENameOperatorVersion
netatalkeqnetatalk-3-1-6
netatalkeqnetatalk-3-1-2
netatalkeqnetatalk-3-1-13
netatalkeqnetatalk-3-1-7
netatalkeqnetatalk-3-1-14
netatalkeqnetatalk-3-1-11
netatalkeqnetatalk-3-1-10
netatalkeqnetatalk-3-1-5
netatalkeqnetatalk-3-1-12
netatalkeqnetatalk-3-1-16

Name	Operator	Version
netatalk	eq	netatalk-3-1-6
netatalk	eq	netatalk-3-1-2
netatalk	eq	netatalk-3-1-13
netatalk	eq	netatalk-3-1-7
netatalk	eq	netatalk-3-1-14
netatalk	eq	netatalk-3-1-11
netatalk	eq	netatalk-3-1-10
netatalk	eq	netatalk-3-1-5
netatalk	eq	netatalk-3-1-12
netatalk	eq	netatalk-3-1-16