socat versions 1.8.0.0 through 1.8.1.1 contain a heap...
Critical severity
Unreviewed
Published
Jun 25, 2026
to the GitHub Advisory Database
•
Updated Jun 25, 2026
Description
Published by the National Vulnerability Database
Jun 25, 2026
Published to the GitHub Advisory Database
Jun 25, 2026
Last updated
Jun 25, 2026
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read through a signed char field causing a negative bytes_to_read value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer with attacker-controlled size and content.
References