Unrated severityNVD Advisory· Published Jul 17, 2023· Updated Nov 27, 2024
CVE-2023-38403
CVE-2023-38403
Description
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- iperf3/iperf3description
- osv-coords7 versionspkg:rpm/almalinux/iperf3pkg:rpm/opensuse/iperf&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/iperf&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/iperf&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/iperf&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/iperf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/iperf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5
< 3.5-7.el8_8.alma+ 6 more
- (no CPE)range: < 3.5-7.el8_8.alma
- (no CPE)range: < 3.5-150000.3.3.1
- (no CPE)range: < 3.5-150000.3.3.1
- (no CPE)range: < 3.5-150000.3.3.1
- (no CPE)range: < 3.5-150000.3.3.1
- (no CPE)range: < 3.5-150000.3.3.1
- (no CPE)range: < 3.5-150000.3.3.1
Patches
Vulnerability mechanics
References
13- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/mitrevendor-advisory
- seclists.org/fulldisclosure/2023/Oct/24mitremailing-list
- seclists.org/fulldisclosure/2023/Oct/26mitremailing-list
- lists.debian.org/debian-lts-announce/2023/07/msg00025.htmlmitremailing-list
- bugs.debian.org/1040830mitre
- cwe.mitre.org/data/definitions/130.htmlmitre
- downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.ascmitre
- github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9mitre
- github.com/esnet/iperf/issues/1542mitre
- security.netapp.com/advisory/ntap-20230818-0016/mitre
- support.apple.com/kb/HT213984mitre
- support.apple.com/kb/HT213985mitre
News mentions
0No linked articles in our index yet.