CVE-2012-0219

Description

Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.

How to fix CVE-2012-0219

To remediate CVE-2012-0219, upgrade the affected package to a fixed version below.

• Debian/socat—upgrade to 1.7.1.3-1.3 or later

Is CVE-2012-0219 being exploited?

Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.7.1.3-1.3

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2012-0219