SUSE-SU-2025:02749-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202502749-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:02749-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:02749-1
Upstream
Related
Published
2025-08-11T07:06:39Z
Modified
2025-08-11T17:15:38.715731Z
Summary
Security update for iperf
Details

This update for iperf fixes the following issues:

  • update to 3.19.1:

    • CVE-2025-54351: Fixed buffer overflow in net.c (bsc#1247522)
    • CVE-2025-54350: Fixed Base64Decode assertion failure and application exit upon a malformed authentication attempt (bsc#1247520)
    • CVE-2025-54349: Fixed off-by-one error and resultant heap-based buffer overflow (bsc#1247519)

  • update to 3.19:

    • iperf3 now supports the use of Multi-Path TCP (MPTCPv1) on Linux with the use of the -m or --mptcp flag. (PR #1661)
    • iperf3 now supports a --cntl-ka option to enable TCP keepalives on the control connection. (#812, #835, PR #1423)
    • iperf3 now supports the MSG_TRUNC receive option, specified by the --skip-rx-copy. This theoretically improves the rated throughput of tests at high bitrates by not delivering network payload data to userspace. (#1678, PR #1717)
    • A bug that caused the bitrate setting to be ignored when bursts are set, has been fixed. (#1773, #1820, PR #1821, PR #1848)
    • The congestion control protocol setting, if used, is now properly reset between tests. (PR #1812)
    • iperf3 now exits with a non-error 0 exit code if exiting via a SIGTERM, SIGHUP, or SIGINT. (#1009, PR# 1829)
    • The current behavior of iperf3 with respect to the -n and -k options is now documented as correct. (#1768, #1775, #596, PR #1800)
References

Affected packages

SUSE:Linux Enterprise Module for Package Hub 15 SP6 / iperf

Package

Name
iperf
Purl
pkg:rpm/suse/iperf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.19.1-150000.3.15.1

Ecosystem specific 

{
    "binaries": [
        {
            "iperf-devel": "3.19.1-150000.3.15.1",
            "libiperf0": "3.19.1-150000.3.15.1",
            "iperf": "3.19.1-150000.3.15.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Package Hub 15 SP7 / iperf

Package

Name
iperf
Purl
pkg:rpm/suse/iperf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.19.1-150000.3.15.1

Ecosystem specific 

{
    "binaries": [
        {
            "iperf-devel": "3.19.1-150000.3.15.1",
            "libiperf0": "3.19.1-150000.3.15.1",
            "iperf": "3.19.1-150000.3.15.1"
        }
    ]
}

SUSE:Enterprise Storage 7.1 / iperf

Package

Name
iperf
Purl
pkg:rpm/suse/iperf&distro=SUSE%20Enterprise%20Storage%207.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.19.1-150000.3.15.1

Ecosystem specific 

{
    "binaries": [
        {
            "libiperf0": "3.19.1-150000.3.15.1",
            "iperf": "3.19.1-150000.3.15.1"
        }
    ]
}

openSUSE:Leap 15.6 / iperf

Package

Name
iperf
Purl
pkg:rpm/opensuse/iperf&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.19.1-150000.3.15.1

Ecosystem specific 

{
    "binaries": [
        {
            "iperf-devel": "3.19.1-150000.3.15.1",
            "libiperf0": "3.19.1-150000.3.15.1",
            "iperf": "3.19.1-150000.3.15.1"
        }
    ]
}