CVE-2024-54661

Description

readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.

How to fix CVE-2024-54661

To remediate CVE-2024-54661, upgrade the affected package to a fixed version below.

• Alpine/socat—upgrade to 0 or later
• Debian/socat—no fix listed

Is CVE-2024-54661 being exploited?

Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 0
• from 0

CVSS scores

References (2)

• ADVISORYsecurity.alpinelinux.org/vuln/CVE-2024-54661
• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2024-54661