An update for iperf3 is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-1418 Final 1.0 1.0 2024-04-12 Initial 2024-04-12 2024-04-12 openEuler SA Tool V1.0 2024-04-12 iperf3 security update An update for iperf3 is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3. Iperf is a tool for active measurements of the maximum achievable bandwidth on IP networks. It supports tuning of various parameters related to timing, protocols, and buffers. Security Fix(es): A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.(CVE-2023-7250) An update for iperf3 is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium iperf3 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1418 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-7250 https://nvd.nist.gov/vuln/detail/CVE-2023-7250 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 openEuler-22.03-LTS-SP3 iperf3-devel-3.16-1.oe1.aarch64.rpm iperf3-debugsource-3.16-1.oe1.aarch64.rpm iperf3-3.16-1.oe1.aarch64.rpm iperf3-debuginfo-3.16-1.oe1.aarch64.rpm iperf3-devel-3.16-1.oe2003sp4.aarch64.rpm iperf3-3.16-1.oe2003sp4.aarch64.rpm iperf3-debugsource-3.16-1.oe2003sp4.aarch64.rpm iperf3-debuginfo-3.16-1.oe2003sp4.aarch64.rpm iperf3-devel-3.16-1.oe2203.aarch64.rpm iperf3-debuginfo-3.16-1.oe2203.aarch64.rpm iperf3-3.16-1.oe2203.aarch64.rpm iperf3-debugsource-3.16-1.oe2203.aarch64.rpm iperf3-debuginfo-3.16-1.oe2203sp1.aarch64.rpm iperf3-3.16-1.oe2203sp1.aarch64.rpm iperf3-devel-3.16-1.oe2203sp1.aarch64.rpm iperf3-debugsource-3.16-1.oe2203sp1.aarch64.rpm iperf3-devel-3.16-1.oe2203sp2.aarch64.rpm iperf3-debugsource-3.16-1.oe2203sp2.aarch64.rpm iperf3-debuginfo-3.16-1.oe2203sp2.aarch64.rpm iperf3-3.16-1.oe2203sp2.aarch64.rpm iperf3-debugsource-3.16-1.oe2203sp3.aarch64.rpm iperf3-debuginfo-3.16-1.oe2203sp3.aarch64.rpm iperf3-3.16-1.oe2203sp3.aarch64.rpm iperf3-devel-3.16-1.oe2203sp3.aarch64.rpm iperf3-help-3.16-1.oe1.noarch.rpm iperf3-help-3.16-1.oe2003sp4.noarch.rpm iperf3-help-3.16-1.oe2203.noarch.rpm iperf3-help-3.16-1.oe2203sp1.noarch.rpm iperf3-help-3.16-1.oe2203sp2.noarch.rpm iperf3-help-3.16-1.oe2203sp3.noarch.rpm iperf3-3.16-1.oe1.src.rpm iperf3-3.16-1.oe2003sp4.src.rpm iperf3-3.16-1.oe2203.src.rpm iperf3-3.16-1.oe2203sp1.src.rpm iperf3-3.16-1.oe2203sp2.src.rpm iperf3-3.16-1.oe2203sp3.src.rpm iperf3-devel-3.16-1.oe1.x86_64.rpm iperf3-debugsource-3.16-1.oe1.x86_64.rpm iperf3-3.16-1.oe1.x86_64.rpm iperf3-debuginfo-3.16-1.oe1.x86_64.rpm iperf3-3.16-1.oe2003sp4.x86_64.rpm iperf3-debuginfo-3.16-1.oe2003sp4.x86_64.rpm iperf3-debugsource-3.16-1.oe2003sp4.x86_64.rpm iperf3-devel-3.16-1.oe2003sp4.x86_64.rpm iperf3-devel-3.16-1.oe2203.x86_64.rpm iperf3-debuginfo-3.16-1.oe2203.x86_64.rpm iperf3-debugsource-3.16-1.oe2203.x86_64.rpm iperf3-3.16-1.oe2203.x86_64.rpm iperf3-3.16-1.oe2203sp1.x86_64.rpm iperf3-devel-3.16-1.oe2203sp1.x86_64.rpm iperf3-debuginfo-3.16-1.oe2203sp1.x86_64.rpm iperf3-debugsource-3.16-1.oe2203sp1.x86_64.rpm iperf3-debuginfo-3.16-1.oe2203sp2.x86_64.rpm iperf3-3.16-1.oe2203sp2.x86_64.rpm iperf3-debugsource-3.16-1.oe2203sp2.x86_64.rpm iperf3-devel-3.16-1.oe2203sp2.x86_64.rpm iperf3-debugsource-3.16-1.oe2203sp3.x86_64.rpm iperf3-3.16-1.oe2203sp3.x86_64.rpm iperf3-debuginfo-3.16-1.oe2203sp3.x86_64.rpm iperf3-devel-3.16-1.oe2203sp3.x86_64.rpm A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service. 2024-04-12 CVE-2023-7250 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 openEuler-22.03-LTS-SP3 Medium 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L iperf3 security update 2024-04-12 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1418