Description

readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.

Classification

CVE ID: CVE-2024-54661

Affected Products

Vendor: dest-unreach

Product: socat

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.49% (scored less or equal to compared to others)

EPSS Date: 2025-02-05 (when was this score calculated)

References

https://repo.or.cz/socat.git/blob/6ff391324d2d3b9f6bfb58e7d16a20be43b47af7:/readline.sh#l29
http://www.dest-unreach.org/socat/contrib/socat-secadv9.html

Timeline