Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-7250

A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.

Published

2024-03-18T13:15:06.910

Last Modified

2025-04-07T16:57:33.430

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-183

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	es	iperf3	< 3.15	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_linux	9.0	Yes
Operating System	redhat	enterprise_linux_for_arm_64	8.0_aarch64	Yes
Operating System	redhat	enterprise_linux_for_arm_64	9.0_aarch64	Yes
Operating System	redhat	enterprise_linux_for_ibm_z_systems	8.0_s390x	Yes
Operating System	redhat	enterprise_linux_for_ibm_z_systems	9.0_s390x	Yes
Operating System	redhat	enterprise_linux_for_power_little_endian	8.0_ppc64le	Yes

References

https://access.redhat.com/errata/RHSA-2024:4241 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2024:9185 Third Party Advisory ([email protected])
https://access.redhat.com/security/cve/CVE-2023-7250 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2244707 Issue Tracking, Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2024:4241 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/cve/CVE-2023-7250 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2244707 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)