2480394 – (CVE-2026-44071) CVE-2026-44071 netatalk: Netatalk: Denial of Service due to missing buffer overflow detection

Bug 2480394 (CVE-2026-44071) - CVE-2026-44071 netatalk: Netatalk: Denial of Service due to missing buffer overflow detection

Summary: CVE-2026-44071 netatalk: Netatalk: Denial of Service due to missing buffer ov...

Keywords:
Status:	NEW
Alias:	CVE-2026-44071
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2480441 2480442
Blocks:
TreeView+	depends on / blocked

Reported:	2026-05-21 09:01 UTC by OSIDB Bzimport
Modified:	2026-05-21 12:54 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-05-21 09:01:29 UTC

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection.

Note You need to log in before you can comment on or make changes to this bug.