PT-2023-3693 · Iperf3+9 · Iperf3+9

Inooo

Publicado

2023-07-06

Atualizado

2025-08-11

CVE-2023-38403

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions iperf3 versions prior to 3.14

Description The issue is related to an integer overflow when handling field lengths, which can be exploited by a remote attacker to cause a denial of service. This can lead to heap corruption via a crafted length field.

Recommendations For versions prior to 3.14, update to version 3.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the iperf3 tool until a patch is applied.

Correção

DoS

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALSA-2023:4570

ALSA-2023:4571

AZL-27672

BDU:2023-03980

CESA-2023_4326

CESA-2023_4570

CVE-2023-38403

DLA-3506-1

DSA-5455-1

MGASA-2023-0271

OESA-2023-1497

OPENSUSE-SU-2023_2987-1

OPENSUSE-SU-2024:13060-1

RHSA-2023:4326

RHSA-2023:4414

RHSA-2023:4415

RHSA-2023:4416

RHSA-2023:4431

RHSA-2023:4432

RHSA-2023:4570

RHSA-2023:4571

RHSA-2023_4326

RHSA-2023_4570

RHSA-2023_4571

RLSA-2023:4570

RLSA-2023:4571

SUSE-SU-2023:2987-1

SUSE-SU-2023:3887-1

USN-6431-1

USN-6431-2

USN-6431-3

Produtos afetados

Almalinux

Centos

Linuxmint

Apple Macos

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

Iperf3

PT-2023-3693 · Iperf3+9 · Iperf3+9

CVE-2023-38403

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 79