Security vulnerabilities and automated fixes for netatalk issues
1 post found
A critical buffer overflow vulnerability was discovered and patched in the DDP (Datagram Delivery Protocol) input processing code, where network-supplied packet length fields were used in buffer copy operations without validation against actual data boundaries. An unauthenticated remote attacker could craft a malicious DDP packet to trigger heap or stack corruption, potentially achieving arbitrary code execution at kernel or daemon privilege levels. The fix introduces proper bounds checking befo