[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-54351/iperf3

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Aug 3 16:23:53 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6e50ace6 by Salvatore Bonaccorso at 2025-08-03T17:22:42+02:00
Update status for CVE-2025-54351/iperf3

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,9 +27,10 @@ CVE-2025-8493 (A vulnerability classified as critical was found in code-projects
 CVE-2025-54955 (OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition  ...)
 	- opennebula <removed>
 CVE-2025-54351 (In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-cop ...)
-	- iperf3 <unfixed>
-	NOTE: https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0 (master)
-	NOTE: https://github.com/esnet/iperf/commit/c9af85a384859365b7184be173da4876437aaf40 (3.19.1)
+	- iperf3 <not-affected> (Vulnerable code introduced later)
+	NOTE: Introduced with: https://github.com/esnet/iperf/commit/daea2dc307cb2b1e2c76ebe4d00659d321e13442 (3.19)
+	NOTE: Fixed by: https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0 (master)
+	NOTE: Fixed by: https://github.com/esnet/iperf/commit/c9af85a384859365b7184be173da4876437aaf40 (3.19.1)
 CVE-2025-54350 (In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion fail ...)
 	- iperf3 <unfixed>
 	NOTE: https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a (master)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e50ace61ac6140e76f9521c4f038ffbdac6aec6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e50ace61ac6140e76f9521c4f038ffbdac6aec6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250803/38caaa25/attachment.htm>

More information about the debian-security-tracker-commits mailing list