A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions.
{
"binaries": [
{
"binary_name": "a2boot",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "atalkd",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "libatalk",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "macipgw",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "netatalk",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "netatalk-tests",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "netatalk-tools",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "papd",
"binary_version": "4.2.3~ds-1"
},
{
"binary_name": "timelord",
"binary_version": "4.2.3~ds-1"
}
]
}{
"binaries": [
{
"binary_name": "a2boot",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "atalkd",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "libatalk",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "macipgw",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "netatalk",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "netatalk-tests",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "netatalk-tools",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "papd",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
},
{
"binary_name": "timelord",
"binary_version": "4.2.3~ds-2.1ubuntu0.2"
}
]
}