CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read through a signed char field causing a negative bytes_to_read value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer with attacker-controlled size and content.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*

History

26 Jun 2026, 16:50

Type Values Removed Values Added
First Time Dest-unreach socat
Dest-unreach
References () http://www.dest-unreach.org/socat/CHANGES - () http://www.dest-unreach.org/socat/CHANGES - Release Notes
References () https://www.vulncheck.com/advisories/socat-heap-buffer-overflow-via-socks5-reply-parser - () https://www.vulncheck.com/advisories/socat-heap-buffer-overflow-via-socks5-reply-parser - Third Party Advisory
CPE cpe:2.3:a:dest-unreach:socat:*:*:*:*:*:*:*:*

25 Jun 2026, 17:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-25 17:17

Updated : 2026-06-26 16:50


NVD link : CVE-2026-56123

Mitre link : CVE-2026-56123

CVE.ORG link : CVE-2026-56123


JSON object : View

Products Affected

dest-unreach

  • socat
CWE
CWE-122

Heap-based Buffer Overflow