{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-38403", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T17:39:13.471Z", "dateReserved": "2023-07-17T00:00:00", "datePublished": "2023-07-17T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-10-25T23:07:43.008593"}, "descriptions": [{"lang": "en", "value": "iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc"}, {"url": "https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9"}, {"url": "https://bugs.debian.org/1040830"}, {"url": "https://github.com/esnet/iperf/issues/1542"}, {"url": "https://cwe.mitre.org/data/definitions/130.html"}, {"name": "[debian-lts-announce] 20230725 [SECURITY] [DLA 3506-1] iperf3 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html"}, {"name": "FEDORA-2023-5f3b4c0b97", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/"}, {"name": "FEDORA-2023-04243a1845", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/"}, {"url": "https://security.netapp.com/advisory/ntap-20230818-0016/"}, {"url": "https://support.apple.com/kb/HT213984"}, {"url": "https://support.apple.com/kb/HT213985"}, {"name": "20231025 APPLE-SA-10-25-2023-4 macOS Sonoma 14.1", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Oct/24"}, {"name": "20231025 APPLE-SA-10-25-2023-5 macOS Ventura 13.6.1", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Oct/26"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:39:13.471Z"}, "title": "CVE Program Container", "references": [{"url": "https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc", "tags": ["x_transferred"]}, {"url": "https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9", "tags": ["x_transferred"]}, {"url": "https://bugs.debian.org/1040830", "tags": ["x_transferred"]}, {"url": "https://github.com/esnet/iperf/issues/1542", "tags": ["x_transferred"]}, {"url": "https://cwe.mitre.org/data/definitions/130.html", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230725 [SECURITY] [DLA 3506-1] iperf3 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html"}, {"name": "FEDORA-2023-5f3b4c0b97", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/"}, {"name": "FEDORA-2023-04243a1845", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/"}, {"url": "https://security.netapp.com/advisory/ntap-20230818-0016/", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213984", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213985", "tags": ["x_transferred"]}, {"name": "20231025 APPLE-SA-10-25-2023-4 macOS Sonoma 14.1", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Oct/24"}, {"name": "20231025 APPLE-SA-10-25-2023-5 macOS Ventura 13.6.1", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Oct/26"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:es:iperf3:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB06DF8B-3E48-4F3A-B510-50B8CE67FC1A", "versionEndExcluding": "3.14", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797", "vulnerable": true}, {"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "C3ED302E-F464-40DE-A976-FD518E42D95D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AC99BA0-CC79-4E06-87CA-CA3525CEF81E", "versionEndExcluding": "13.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field."}], "id": "CVE-2023-38403", "lastModified": "2024-01-09T02:53:19.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-17T21:15:09.800", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/24"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/26"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://bugs.debian.org/1040830"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://cwe.mitre.org/data/definitions/130.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://github.com/esnet/iperf/issues/1542"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230818-0016/"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://support.apple.com/kb/HT213984"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://support.apple.com/kb/HT213985"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:4326", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "iperf3-0:3.1.7-3.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-07-31T00:00:00Z"}, {"advisory": "RHSA-2023:4570", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "iperf3-0:3.5-7.el8_8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-08-08T00:00:00Z"}, {"advisory": "RHSA-2023:4416", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "iperf3-0:3.5-4.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-08-01T00:00:00Z"}, {"advisory": "RHSA-2023:4415", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "iperf3-0:3.5-4.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-08-01T00:00:00Z"}, {"advisory": "RHSA-2023:4415", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "iperf3-0:3.5-4.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-08-01T00:00:00Z"}, {"advisory": "RHSA-2023:4415", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "iperf3-0:3.5-4.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-08-01T00:00:00Z"}, {"advisory": "RHSA-2023:4432", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "iperf3-0:3.5-7.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-08-02T00:00:00Z"}, {"advisory": "RHSA-2023:4432", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "iperf3-0:3.5-7.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-08-02T00:00:00Z"}, {"advisory": "RHSA-2023:4432", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "iperf3-0:3.5-7.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-08-02T00:00:00Z"}, {"advisory": "RHSA-2023:4414", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "iperf3-0:3.5-7.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-08-01T00:00:00Z"}, {"advisory": "RHSA-2023:4571", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "iperf3-0:3.9-10.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-08-08T00:00:00Z"}, {"advisory": "RHSA-2023:4431", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "iperf3-0:3.9-10.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-08-02T00:00:00Z"}], "bugzilla": {"description": "iperf3: memory allocation hazard and crash", "id": "2222204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222204"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-190", "details": ["iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.", "An integer overflow flaw was found in the way iperf3 dynamically allocates memory buffers for JSON-formatted messages. A remote attacker could send a specially crafted sequence of bytes on the iperf3 control channel with a specified JSON message length of 0xffffffff to trigger an integer overflow leading the receiving process to abort due to heap corruption. This flaw allows an attacker to use a malicious client to cause a denial of service of an iperf3 server or potentially use a malicious server to cause connecting clients to crash."], "mitigation": {"lang": "en:us", "value": "Do not run iperf3 as a publicly accessible service unless required. If required, restrict availability to the iperf3 server to only allow access from network ranges of trusted clients. Do not connect to iperf3 servers that you do not trust."}, "name": "CVE-2023-38403", "public_date": "2023-07-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-38403\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-38403\nhttps://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc"], "statement": "The most common usage of iperf3 is temporary and between trusted devices on private networks. Users may be impacted by this vulnerability if they are hosting publicly available iperf3 servers or are connecting to iperf3 servers they do not control or trust.", "threat_severity": "Important", "upstream_fix": "iperf 3.14"}