24 matches found
SUSE CVE-2026-44074
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
CVE-2026-44055
A flaw was found in Netatalk. A bitwise or logic bug allows for shell injection. This vulnerability can enable an attacker to execute arbitrary code on the affected system...
CVE-2026-44074
A flaw was found in Netatalk. A remote attacker may cause a minor service disruption by triggering conditions that lead to multiple simultaneous error conditions. This occurs because Netatalk incorrectly combines multiple error values using a bitwise OR operation, resulting in incorrect error cod...
CVE-2026-44074
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
CVE-2026-44074
Netatalk versions 2.1.0 through 4.4.2 are affected. The issue arises from combining multiple errno values with a bitwise OR, yielding incorrect error codes when several error conditions occur simultaneously. This may allow a remote attacker to trigger incorrect error-handling paths and cause a mi...
CVE-2026-44074 Bitwise OR of errno values
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
CVE-2026-44074 Bitwise OR of errno values
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
CVE-2026-44074
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
CVE-2026-44074
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
CVE-2026-44055
Netatalk 3.1.4–4.4.2 contains a bitwise OR/logic bug that permits shell injection. The issue affects Netatalk’s AFP implementation and can lead to remote command execution (high impact). Fixed in version 4.4.3. Affected: Netatalk 3.1.4–4.4.2; Remediation: upgrade to 4.4.3 or later. Exploitation s...
CVE-2026-44055 Bitwise OR logic bug enables shell injection
A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code...
Netatalk 操作系统命令注入漏洞
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.4 to 4.4.2 of Netatalk contained a vulnerability related to operating system command injection. This vulnerability...
Netatalk 安全漏洞
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.1.0 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from the use of bitwise OR operations...
PT-2026-42437
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
CVE-2026-22983 net: do not write to msg_get_inq in callee
In the Linux kernel, the following vulnerability has been resolved: net: do not write to msggetinq in callee NULL pointer dereference fix. msggetinq is an input field from caller to callee. Don't set it in the callee, as the caller may not clear it on struct reuse. This is a kernel-internal varia...
EulerOS Virtualization 2.11.1 : multipath-tools (EulerOS-SA-2023-2046)
According to the versions of the multipath-tools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction...
EulerOS Virtualization 2.11.0 : multipath-tools (EulerOS-SA-2023-2098)
According to the versions of the multipath-tools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction...
EulerOS Virtualization 2.10.1 : multipath-tools (EulerOS-SA-2023-1894)
According to the versions of the multipath-tools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction...
Privilege escalation
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...
EulerOS 2.0 SP9 : multipath-tools (EulerOS-SA-2023-1452)
According to the versions of the multipath-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with...