socat-1.7.4.1-2.el8_10

エラータID: AXSA:2025-10502:01

Release date: 
Thursday, July 17, 2025 - 12:24
Subject: 
socat-1.7.4.1-2.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of channels, such as files, pipes, devices, and sockets.

Security Fix(es):

* socat: arbitrary file overwrite via predictable /tmp directory (CVE-2024-54661)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-54661
readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.

Solution: 

Update packages.

CVEs: 
CVE-2024-54661
readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.
Additional Info: 

N/A

Download: 

SRPMS
  1. socat-1.7.4.1-2.el8_10.src.rpm
    MD5: 819e1f75deda951bfcba1c026989f4e3
    SHA-256: d530e6e3c32f8a98b8f0239b9e2a3d1537780751192a778ef9fcb044e0c0a0b0
    Size: 650.43 kB

Asianux Server 8 for x86_64
  1. socat-1.7.4.1-2.el8_10.x86_64.rpm
    MD5: 7ca482a66933cfa3852b66279f9c543b
    SHA-256: cd277956150e53c7f8492b5a6b44bcd9d7c395873cdc62b50b028622f2a9c82a
    Size: 322.20 kB