Stack-based buffer overflow in Netatalk - #VU137334
Published: July 12, 2026
Netatalk
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to a stack-based buffer overflow in convert_charset() when processing filenames with decomposable Unicode characters. A remote attacker can supply a specially crafted filename to execute arbitrary code.
The issue is triggered by type confusion that uses a byte count as a ucs2_t array index for null termination, causing a write at double the intended offset.