CVE-2024-54661

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions socat versions prior to 1.8.0.2

Description The issue is related to the readline.sh file in socat, which relies on the /tmp/$USER/stderr2 file. This can lead to an arbitrary file overwrite via a predictable /tmp directory.

Recommendations For versions prior to 1.8.0.2, update to version 1.8.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the /tmp/$USER/stderr2 file to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-61

Related Identifiers

ALSA-2025:10353

ALSA-2025:11042

AZL-53960

AZL-53978

BDU:2025-03292

CESA-2025_11042

CVE-2024-54661

INFSA-2025_10353

INFSA-2025_11042

MGASA-2024-0390

OESA-2024-2580

OPENSUSE-SU-2024:14582-1

OPENSUSE-SU-2024_4295-1

OPENSUSE-SU-2024_4302-1

RHSA-2025:10353

RHSA-2025:10544

RHSA-2025:10646

RHSA-2025:11042

RHSA-2025_10353

RHSA-2025_11042

SUSE-SU-2024:4294-1

SUSE-SU-2024:4295-1

SUSE-SU-2024:4302-1

SUSE-SU-2024:4348-1

SUSE-SU-2024_4294-1

SUSE-SU-2024_4295-1

SUSE-SU-2024_4302-1

Affected Products

Almalinux

Astra Linux

Centos

Debian

Red Hat

Red Os

Rocky Linux

Suse

Socat

CVE-2024-54661

Weakness Enumeration

Related Identifiers

Affected Products

References · 62