Socat · Socat · CVE-2012-0219
**Name of the Vulnerable Software and Affected Versions**
socat versions 1.4.0.0 through 1.7.2.0
socat versions 2.0.0-b1 through 2.0.0-b4
**Description**
A heap-based buffer overflow exists in the `xioscan_readline` function in `xio-readline.c`. It allows local users to execute arbitrary code via the `READLINE` address.
**Recommendations**
For socat versions 1.4.0.0 through 1.7.2.0, update to a version outside of this range to resolve the issue.
For socat versions 2.0.0-b1 through 2.0.0-b4, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to the `xioscan_readline` function in `xio-readline.c` until a patch is available.
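
To check whether an installed binary falls in the ranges listed above, this added example (not code from this advisory or from the socat project) classifies a version string and reports whether the build includes the `READLINE` address. It assumes `socat -V` prints a `socat version X on DATE` line and a `#define WITH_READLINE 1` feature line; the sample output is constructed.

```sh
#!/bin/sh
# Added example, not socat project code. Assumes `socat -V` prints a line
# "socat version X on DATE" and feature lines such as "#define WITH_READLINE 1".

# Affected 1.x range from this page, encoded the way ver_key encodes versions.
LOW=1004000000    # 1.4.0.0
HIGH=1007002000   # 1.7.2.0

# Dotted version -> one comparable integer (missing fields count as 0).
ver_key() {
    printf '%s\n' "$1" | awk -F. '{ printf "%d%03d%03d%03d\n", $1, $2, $3, $4 }'
}

# Print affected / not-affected / unknown for a bare version string.
classify() {
    v=$1
    case $v in
        2.0.0-b[0-9]*)                   # 2.0.0 betas: b1 through b4 are affected
            n=${v#2.0.0-b}
            case $n in *[!0-9]*) echo unknown; return 0 ;; esac
            if [ "$n" -ge 1 ] && [ "$n" -le 4 ]; then echo affected; else echo not-affected; fi ;;
        ''|*[!0-9.]*|.*|*.|*..*)         # anything that is not plain dotted digits
            echo unknown ;;
        *)
            k=$(ver_key "$v")
            if [ "$k" -ge "$LOW" ] && [ "$k" -le "$HIGH" ]; then echo affected; else echo not-affected; fi ;;
    esac
}

# Summarise `socat -V` text: version, range status, and whether READLINE is built in.
report() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^socat version \([^ ]*\).*/\1/p' | sed -n 1p)
    if printf '%s\n' "$1" | grep -q '#define WITH_READLINE 1'; then rl=yes; else rl=no; fi
    echo "version=${ver:-?} status=$(classify "$ver") readline=$rl"
}

# Constructed sample output; replace with "$(socat -V)" to check a local binary.
SAMPLE='socat by Gerhard Rieger - see www.dest-unreach.org
socat version 1.7.2.0 on Jan  1 2012 00:00:00
features:
  #define WITH_STDIO 1
  #define WITH_READLINE 1'

report "$SAMPLE"
```

Version strings that are neither plain dotted digits nor a `2.0.0-bN` beta are reported as `unknown` so that distribution-patched builds get checked by hand.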