An update for iperf3 is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2024-1418
Final
1.0
1.0
2024-04-12
Initial
2024-04-12
2024-04-12
openEuler SA Tool V1.0
2024-04-12
iperf3 security update
An update for iperf3 is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.
Iperf is a tool for active measurements of the maximum achievable bandwidth on IP networks. It supports tuning of various parameters related to timing, protocols, and buffers.
Security Fix(es):
A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.(CVE-2023-7250)
An update for iperf3 is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Medium
iperf3
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1418
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-7250
https://nvd.nist.gov/vuln/detail/CVE-2023-7250
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
openEuler-22.03-LTS-SP2
openEuler-22.03-LTS-SP3
iperf3-devel-3.16-1.oe1.aarch64.rpm
iperf3-debugsource-3.16-1.oe1.aarch64.rpm
iperf3-3.16-1.oe1.aarch64.rpm
iperf3-debuginfo-3.16-1.oe1.aarch64.rpm
iperf3-devel-3.16-1.oe2003sp4.aarch64.rpm
iperf3-3.16-1.oe2003sp4.aarch64.rpm
iperf3-debugsource-3.16-1.oe2003sp4.aarch64.rpm
iperf3-debuginfo-3.16-1.oe2003sp4.aarch64.rpm
iperf3-devel-3.16-1.oe2203.aarch64.rpm
iperf3-debuginfo-3.16-1.oe2203.aarch64.rpm
iperf3-3.16-1.oe2203.aarch64.rpm
iperf3-debugsource-3.16-1.oe2203.aarch64.rpm
iperf3-debuginfo-3.16-1.oe2203sp1.aarch64.rpm
iperf3-3.16-1.oe2203sp1.aarch64.rpm
iperf3-devel-3.16-1.oe2203sp1.aarch64.rpm
iperf3-debugsource-3.16-1.oe2203sp1.aarch64.rpm
iperf3-devel-3.16-1.oe2203sp2.aarch64.rpm
iperf3-debugsource-3.16-1.oe2203sp2.aarch64.rpm
iperf3-debuginfo-3.16-1.oe2203sp2.aarch64.rpm
iperf3-3.16-1.oe2203sp2.aarch64.rpm
iperf3-debugsource-3.16-1.oe2203sp3.aarch64.rpm
iperf3-debuginfo-3.16-1.oe2203sp3.aarch64.rpm
iperf3-3.16-1.oe2203sp3.aarch64.rpm
iperf3-devel-3.16-1.oe2203sp3.aarch64.rpm
iperf3-help-3.16-1.oe1.noarch.rpm
iperf3-help-3.16-1.oe2003sp4.noarch.rpm
iperf3-help-3.16-1.oe2203.noarch.rpm
iperf3-help-3.16-1.oe2203sp1.noarch.rpm
iperf3-help-3.16-1.oe2203sp2.noarch.rpm
iperf3-help-3.16-1.oe2203sp3.noarch.rpm
iperf3-3.16-1.oe1.src.rpm
iperf3-3.16-1.oe2003sp4.src.rpm
iperf3-3.16-1.oe2203.src.rpm
iperf3-3.16-1.oe2203sp1.src.rpm
iperf3-3.16-1.oe2203sp2.src.rpm
iperf3-3.16-1.oe2203sp3.src.rpm
iperf3-devel-3.16-1.oe1.x86_64.rpm
iperf3-debugsource-3.16-1.oe1.x86_64.rpm
iperf3-3.16-1.oe1.x86_64.rpm
iperf3-debuginfo-3.16-1.oe1.x86_64.rpm
iperf3-3.16-1.oe2003sp4.x86_64.rpm
iperf3-debuginfo-3.16-1.oe2003sp4.x86_64.rpm
iperf3-debugsource-3.16-1.oe2003sp4.x86_64.rpm
iperf3-devel-3.16-1.oe2003sp4.x86_64.rpm
iperf3-devel-3.16-1.oe2203.x86_64.rpm
iperf3-debuginfo-3.16-1.oe2203.x86_64.rpm
iperf3-debugsource-3.16-1.oe2203.x86_64.rpm
iperf3-3.16-1.oe2203.x86_64.rpm
iperf3-3.16-1.oe2203sp1.x86_64.rpm
iperf3-devel-3.16-1.oe2203sp1.x86_64.rpm
iperf3-debuginfo-3.16-1.oe2203sp1.x86_64.rpm
iperf3-debugsource-3.16-1.oe2203sp1.x86_64.rpm
iperf3-debuginfo-3.16-1.oe2203sp2.x86_64.rpm
iperf3-3.16-1.oe2203sp2.x86_64.rpm
iperf3-debugsource-3.16-1.oe2203sp2.x86_64.rpm
iperf3-devel-3.16-1.oe2203sp2.x86_64.rpm
iperf3-debugsource-3.16-1.oe2203sp3.x86_64.rpm
iperf3-3.16-1.oe2203sp3.x86_64.rpm
iperf3-debuginfo-3.16-1.oe2203sp3.x86_64.rpm
iperf3-devel-3.16-1.oe2203sp3.x86_64.rpm
A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.
2024-04-12
CVE-2023-7250
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
openEuler-22.03-LTS-SP2
openEuler-22.03-LTS-SP3
Medium
5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
iperf3 security update
2024-04-12
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1418