Issue Overview:
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.
Affected Packages:
socat
Issue Correction:
Run yum update socat to update your system.
New Packages:
i686:
socat-debuginfo-1.7.2.1-1.6.amzn1.i686
socat-1.7.2.1-1.6.amzn1.i686
src:
socat-1.7.2.1-1.6.amzn1.src
x86_64:
socat-1.7.2.1-1.6.amzn1.x86_64
socat-debuginfo-1.7.2.1-1.6.amzn1.x86_64
Red Hat: CVE-2012-0219
Mitre: CVE-2012-0219
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | socat-debuginfo | < 1.7.2.1-1.6.amzn1 | socat-debuginfo-1.7.2.1-1.6.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | socat | < 1.7.2.1-1.6.amzn1 | socat-1.7.2.1-1.6.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | socat | < 1.7.2.1-1.6.amzn1 | socat-1.7.2.1-1.6.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | socat-debuginfo | < 1.7.2.1-1.6.amzn1 | socat-debuginfo-1.7.2.1-1.6.amzn1.x86_64.rpm |