CVE-2024-54661

Publication date 4 December 2024

Last updated 6 July 2026


Ubuntu priority

Cvss 3 Severity Score

9.8 · Critical

Score breakdown

Description

readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.

Read the notes from the security team

Why is this CVE low priority?

Only affects an example sample script

Learn more about Ubuntu priority

Status

Package Ubuntu Release Status
socat 26.04 LTS resolute
Not affected
25.10 questing
Not affected
25.04 plucky Ignored end of life, was needs-triage
24.10 oracular Ignored end of life, was needs-triage
24.04 LTS noble
Fixed 1.8.0.0-4ubuntu0.1
22.04 LTS jammy
Needs evaluation
20.04 LTS focal
Needs evaluation
18.04 LTS bionic
Needs evaluation
16.04 LTS xenial Ignored end of ESM support, was needs-triage
14.04 LTS trusty
Needs evaluation

Notes


mdeslaur

This only affects a sample script installed in /usr/share/doc/socat/examples/readline.sh

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
socat

Severity score breakdown

CVSS version: CVSS v3.0

Base score 9.8 · Critical

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H


Access our resources on patching vulnerabilities