PT-2024-3053 · Iperf+8 · Iperf+8

Jorge Sancho Larraz

Published

2023-10-16

Updated

2026-01-21

CVE-2023-7250

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions iperf (affected versions not specified)

Description A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-183

Related Identifiers

ALSA-2024:4241

ALSA-2024:9185

AZL-36892

BDU:2024-03238

CESA-2024_4241

CVE-2023-7250

DLA-4032-1

INFSA-2024_4241

INFSA-2024_9185

OESA-2024-1418

RHSA-2024:4241

RHSA-2024:9185

RHSA-2024_4241

RHSA-2024_9185

RLSA-2024:9185

USN-6431-1

USN-7970-1

Affected Products

Almalinux

Centos

Debian

Linuxmint

Red Hat

Red Os

Rocky Linux

Ubuntu

Iperf

PT-2024-3053 · Iperf+8 · Iperf+8

CVE-2023-7250

Weakness Enumeration

Related Identifiers

Affected Products

References · 52