Описание
Security update for iperf
This update for iperf fixes the following issues:
-
update to 3.19.1:
- CVE-2025-54351: Fixed buffer overflow in net.c (bsc#1247522)
- CVE-2025-54350: Fixed Base64Decode assertion failure and application exit upon a malformed authentication attempt (bsc#1247520)
- CVE-2025-54349: Fixed off-by-one error and resultant heap-based buffer overflow (bsc#1247519)
-
update to 3.19:
- iperf3 now supports the use of Multi-Path TCP (MPTCPv1) on Linux
with the use of the
-mor--mptcpflag. (PR #1661) - iperf3 now supports a
--cntl-kaoption to enable TCP keepalives on the control connection. (#812, #835, PR #1423) - iperf3 now supports the
MSG_TRUNCreceive option, specified by the--skip-rx-copy. This theoretically improves the rated throughput of tests at high bitrates by not delivering network payload data to userspace. (#1678, PR #1717) - A bug that caused the bitrate setting to be ignored when bursts are set, has been fixed. (#1773, #1820, PR #1821, PR #1848)
- The congestion control protocol setting, if used, is now properly reset between tests. (PR #1812)
- iperf3 now exits with a non-error 0 exit code if exiting via a
SIGTERM,SIGHUP, orSIGINT. (#1009, PR# 1829) - The current behavior of iperf3 with respect to the
-nand-koptions is now documented as correct. (#1768, #1775, #596, PR #1800)
- iperf3 now supports the use of Multi-Path TCP (MPTCPv1) on Linux
with the use of the
Список пакетов
SUSE Enterprise Storage 7.1
iperf-3.19.1-150000.3.15.1
libiperf0-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP6
iperf-3.19.1-150000.3.15.1
iperf-devel-3.19.1-150000.3.15.1
libiperf0-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP7
iperf-3.19.1-150000.3.15.1
iperf-devel-3.19.1-150000.3.15.1
libiperf0-3.19.1-150000.3.15.1
openSUSE Leap 15.6
iperf-3.19.1-150000.3.15.1
iperf-devel-3.19.1-150000.3.15.1
libiperf0-3.19.1-150000.3.15.1
Ссылки
- Link for SUSE-SU-2025:02749-1
- E-Mail link for SUSE-SU-2025:02749-1
- SUSE Security Ratings
- SUSE Bug 1247519
- SUSE Bug 1247520
- SUSE Bug 1247522
- SUSE CVE CVE-2025-54349 page
- SUSE CVE CVE-2025-54350 page
- SUSE CVE CVE-2025-54351 page
Описание
In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.
Затронутые продукты
SUSE Enterprise Storage 7.1:iperf-3.19.1-150000.3.15.1
SUSE Enterprise Storage 7.1:libiperf0-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:iperf-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:iperf-devel-3.19.1-150000.3.15.1
Ссылки
- CVE-2025-54349
- SUSE Bug 1247519
Описание
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.
Затронутые продукты
SUSE Enterprise Storage 7.1:iperf-3.19.1-150000.3.15.1
SUSE Enterprise Storage 7.1:libiperf0-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:iperf-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:iperf-devel-3.19.1-150000.3.15.1
Ссылки
- CVE-2025-54350
- SUSE Bug 1247520
Описание
In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).
Затронутые продукты
SUSE Enterprise Storage 7.1:iperf-3.19.1-150000.3.15.1
SUSE Enterprise Storage 7.1:libiperf0-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:iperf-3.19.1-150000.3.15.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:iperf-devel-3.19.1-150000.3.15.1
Ссылки
- CVE-2025-54351
- SUSE Bug 1247522