{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0194","assignerOrgId":"99f1926a-a320-47d8-bbb5-42feb611262e","assignerShortName":"zdi","dateUpdated":"2025-11-04T19:12:50.718Z","dateReserved":"2022-01-11T00:00:00.000Z","datePublished":"2023-03-28T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"99f1926a-a320-47d8-bbb5-42feb611262e","shortName":"zdi","dateUpdated":"2023-11-01T16:06:19.530Z"},"descriptions":[{"lang":"en","value":"This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876."}],"affected":[{"vendor":"Netatalk","product":"Netatalk","versions":[{"version":"3.1.12","status":"affected"}]}],"references":[{"url":"https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-22-530/"},{"name":"[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"},{"name":"DSA-5503","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2023/dsa-5503"},{"name":"GLSA-202311-02","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/202311-02"}],"credits":[{"lang":"en","value":"Theori \n(@theori_io)"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121: Stack-based Buffer Overflow","cweId":"CWE-121"}]}]},"adp":[{"title":"CVE Program Container","references":[{"url":"https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html","tags":["x_transferred"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-22-530/","tags":["x_transferred"]},{"name":"[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"},{"name":"DSA-5503","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2023/dsa-5503"},{"name":"GLSA-202311-02","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/202311-02"},{"url":"https://www.kb.cert.org/vuls/id/709991"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-04T19:12:50.718Z"}}]}}