ALAS-2012-087


Amazon Linux AMI Security Advisory: ALAS-2012-87
Advisory Release Date: 2014-09-14 16:19 Pacific
Severity: Medium
References: CVE-2012-0219 

Issue Overview:

Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.


Affected Packages:

socat


Issue Correction:
Run yum update socat to update your system.

New Packages:
i686:
    socat-debuginfo-1.7.2.1-1.6.amzn1.i686
    socat-1.7.2.1-1.6.amzn1.i686

src:
    socat-1.7.2.1-1.6.amzn1.src

x86_64:
    socat-1.7.2.1-1.6.amzn1.x86_64
    socat-debuginfo-1.7.2.1-1.6.amzn1.x86_64