Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Mageia 8 MGASA-2022-0196 Moderate: Netatalk Remote Code Execution

mageia
Calendar Grey May 22, 2022
Dist Mageia Esm H88
Revised netatalk packages address remote execution vulnerabilities for Mageia 8. Security notices issued regarding these flaws.
Remote arbitrary code execution related to dsi_stream_receive()

Summary

Remote arbitrary code execution related to dsi_stream_receive(). (CVE-2021-31439) Remote arbitrary code execution related to parse_entries(). (CVE-2022-23121) Remote arbitrary code execution related to copyapplfile(). (CVE-2022-23125)

References

- https://bugs.mageia.org/show_bug.cgi?id=30287

- https://lists.suse.com/pipermail/sle-security-updates/2022-April/010700.html

- https://www.cve.org/CVERecord?id=CVE-2021-31439

- https://www.cve.org/CVERecord?id=CVE-2022-23121

- https://www.cve.org/CVERecord?id=CVE-2022-23125

Topics%20covered

Topics Covered

security advisory moderate security issue remote code execution security fix netatalk Mageia

Resolution

SRPMS

- 8/core/netatalk-3.1.12-7.1.mga8

Publication date: 22 May 2022
URL: https://advisories.mageia.org/MGASA-2022-0196.html
Type: security
CVE: CVE-2021-31439, CVE-2022-23121, CVE-2022-23125

Topics%20covered

Topics Covered

security advisory moderate security issue remote code execution security fix netatalk Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here