CNNVD-202508-163 Information

CNNVD ID

CNNVD-202508-163

Related CVE

CVE-2025-54349

• CNNVD Published: 2025-08-03

Description (Chinese)

iperf是ESnet开源的一种主动测量 IP 网络上可实现的最大带宽的工具。 iperf 3.19.1之前版本存在安全漏洞，该漏洞源于iperf_auth.c存在差一错误，可能导致堆缓冲区溢出。

Description (English)

iperf is an active tool for measuring the maximum bandwidth available on the ESnet open source IP network. There was a security loophole in the previous version of iperf 3.19.1, which stemmed from an error in iperf auth.c, which could lead to a spill over the buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

ESnet

Published

2025-08-03

Last Modified

2026-02-24

References

https://github.com/esnet/iperf/commit/4e5313bab0b9b3fe03513ab54f722c8a3e4b7bdf https://github.com/esnet/iperf/releases/tag/3.19.1

Patch

https://github.com/esnet/iperf/releases