Description
An out-of-bounds write due to improper null termination in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character data.
Published: 2026-05-21
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Netatalk versions 2.0.4 through 4.4.2 contain an out-of-bounds write in the convert_charset() function caused by improper null termination. The flaw corrupts memory and, when triggered by a crafted character string, can lead to arbitrary code execution or a denial-of-service event. It is a classic buffer overrun vulnerability identified as CWE-787.

Affected Systems

The affected product is Netatalk, produced by the Netatalk project. Any deployed installations of Netatalk from version 2.0.4 up to and including 4.4.2 are vulnerable.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity vulnerability. EPSS information is not available, and the flaw is not listed in the CISA KEV catalog. The described exploitation requires a remote attacker to be authenticated to the Netatalk service, as the vulnerable function is exercised only when authenticated user input is processed. An attacker with valid credentials can send specially crafted character data over the network to trigger convert_charset(), resulting in memory corruption that may lead to process crashes or execution of arbitrary code.

Generated by OpenCVE AI on May 21, 2026 at 11:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Netatalk update that includes the fix for CVE-2026-44049.
  • If an immediate update is not possible, restrict or block access to the Netatalk service to trusted hosts and enforce strict authentication before allowing user input.
  • Enable runtime hardening such as ASLR and stack canaries on the system hosting Netatalk, and use a sandboxed environment or container to run the service.

Tracking

Advisories
Source: Debian DSA
ID: DSA-62801
Title: netatalk security update
History

Thu, 21 May 2026 13:15:00 +0000

Type: Metrics
Values Added: ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 21 May 2026 09:30:00 +0000

Type: First Time appeared
Values Added: Netatalk; Netatalk netatalk

Type: Vendors & Products
Values Added: Netatalk; Netatalk netatalk

Thu, 21 May 2026 09:00:00 +0000

Type: Description
Values Removed: In Netatalk 2.0.4 through 4.4.2, out-of-bounds write in convert_charset() null termination. Fixed in 4.4.3.
Values Added: An out-of-bounds write due to improper null termination in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character data.

Thu, 21 May 2026 07:45:00 +0000

Type: Description
Values Added: In Netatalk 2.0.4 through 4.4.2, out-of-bounds write in convert_charset() null termination. Fixed in 4.4.3.

Type: Title
Values Added: Out-of-bounds write in convert_charset() null termination

Type: Weaknesses
Values Added: CWE-787

Type: References

Type: Metrics
Values Added: cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Subscriptions

Netatalk Netatalk
MITRE

Status: PUBLISHED

Assigner: securin

Published:

Updated: 2026-05-21T12:42:14.824Z

Reserved: 2026-05-05T07:24:42.291Z

Link: CVE-2026-44049

Vulnrichment

Updated: 2026-05-21T12:41:54.486Z

NVD

Status: Deferred

Published: 2026-05-21T08:16:20.473

Modified: 2026-05-21T15:20:19.040

Link: CVE-2026-44049

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-21T11:30:06Z

Weaknesses