Bug 415977 (CVE-2012-0219)

Summary: <net-misc/socat-{1.7.2.1,2.0.0-b5} heap based buffer overflow vulnerability allows arbitrary code execution (CVE-2012-0219)
Product: Gentoo Security
Reporter: Jeroen Roovers (RETIRED) <jer>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: major
CC: netmon
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard: B1 [glsa]
Package list:
Runtime testing required: ---

Description Jeroen Roovers (RETIRED) gentoo-dev 2012-05-14 19:01:50 UTC
2012/05/14: A heap based buffer overflow vulnerability has been found with data that happens to be output on the READLINE address. Successful exploitation may allow an attacker to execute arbitrary code with the privileges of the socat process (advisory[1]). Fixed versions are 1.7.2.1 and 2.0.0-b5. Patches are available in the download area.

[1] http://www.dest-unreach.org/socat/contrib/socat-secadv3.html
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2012-05-14 19:03:34 UTC
Arch teams, please test and mark stable:
=net-misc/socat-1.7.2.1
Target KEYWORDS="alpha amd64 arm hppa ia64 ppc sparc x86"
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2012-05-14 22:49:57 UTC
Stable for HPPA.
Comment 3 Tobias Klausmann (RETIRED) gentoo-dev 2012-05-17 19:00:47 UTC
Stable on alpha.
Comment 4 Agostino Sarubbo gentoo-dev 2012-05-18 08:07:48 UTC
amd64 stable
Comment 5 Jeff (JD) Horelick (RETIRED) gentoo-dev 2012-05-18 08:43:05 UTC
x86 stable
Comment 6 Markus Meier gentoo-dev 2012-05-26 10:05:50 UTC
arm stable
Comment 7 Raúl Porcel (RETIRED) gentoo-dev 2012-05-26 17:19:46 UTC
ia64/sparc stable
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2012-06-29 21:02:55 UTC
CVE-2012-0219 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0219):
  Heap-based buffer overflow in the xioscan_readline function in
  xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through
  2.0.0-b4 allows local users to execute arbitrary code via the READLINE
  address.
Comment 9 Michael Weber (RETIRED) gentoo-dev 2012-07-08 21:50:53 UTC
got ppc stabled by Brent on May 21st
Comment 10 Sean Amoss (RETIRED) gentoo-dev Security 2012-07-11 21:57:08 UTC
Thanks, everyone. 

Filing a new GLSA request.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2012-08-14 20:50:02 UTC
This issue was resolved and addressed in
 GLSA 201208-01 at http://security.gentoo.org/glsa/glsa-201208-01.xml
by GLSA coordinator Sean Amoss (ackle).