rpm package
opensuse/iperf&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/iperf&distro=openSUSE%20Leap%2015.6
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-54351 | — | < 3.19.1-150000.3.15.1 | 3.19.1-150000.3.15.1 | Aug 3, 2025 | In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv). | ||
| CVE-2025-54350 | — | < 3.19.1-150000.3.15.1 | 3.19.1-150000.3.15.1 | Aug 3, 2025 | In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt. | ||
| CVE-2025-54349 | — | < 3.19.1-150000.3.15.1 | 3.19.1-150000.3.15.1 | Aug 3, 2025 | In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow. | ||
| CVE-2024-53580 | — | < 3.18-150000.3.12.1 | 3.18-150000.3.12.1 | Dec 18, 2024 | iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function. | ||
| CVE-2024-26306 | — | < 3.17.1-150000.3.9.1 | 3.17.1-150000.3.9.1 | May 13, 2024 | iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large |
- CVE-2025-54351Aug 3, 2025affected < 3.19.1-150000.3.15.1fixed 3.19.1-150000.3.15.1
In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).
- CVE-2025-54350Aug 3, 2025affected < 3.19.1-150000.3.15.1fixed 3.19.1-150000.3.15.1
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.
- CVE-2025-54349Aug 3, 2025affected < 3.19.1-150000.3.15.1fixed 3.19.1-150000.3.15.1
In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.
- CVE-2024-53580Dec 18, 2024affected < 3.18-150000.3.12.1fixed 3.18-150000.3.12.1
iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function.
- CVE-2024-26306May 13, 2024affected < 3.17.1-150000.3.9.1fixed 3.17.1-150000.3.9.1
iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large