USN-7347-1: Netatalk vulnerabilities

USN-7347-1: Netatalk vulnerabilities
12 March 2025

Several security issues were fixed in Netatalk.

Releases
Ubuntu 24.04 LTS Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM

Packages
netatalk - Apple Filing Protocol service

Details
It was discovered that Netatalk did not properly manage memory under
certain circumstances. A remote attacker could possibly use this issue to
execute arbitrary code. (CVE-2024-38439, CVE-2024-38440, CVE-2024-38441)

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04

• netatalk - 3.1.18~ds-1ubuntu0.1~esm1
  Ubuntu 22.04
• netatalk - 3.1.12~ds-9ubuntu0.22.04.4
  Ubuntu 20.04
• netatalk - 3.1.12~ds-4ubuntu0.20.04.4
  Ubuntu 18.04
• netatalk - 2.2.6-1ubuntu0.18.04.2+esm2
  Ubuntu 16.04
• netatalk - 2.2.5-1ubuntu0.2+esm2
  Ubuntu 14.04
• netatalk - 2.2.2-1ubuntu2.2+esm2