Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 38: FEDORA-2023-8a2d9c4a89 Critical: netstat Buffer Overflow

fedora
Calendar Grey July 29, 2023
Dist Fedora Esm H88
Fedora 37 has rolled out an Iperf3 patch that resolves a vital memory allocation vulnerability, enhancing both performance and security protocols.
Update to 3.14

Summary

Iperf is a tool to measure maximum TCP bandwidth, allowing the tuning of

various parameters and UDP characteristics. Iperf reports bandwidth, delay

jitter, data-gram loss.

Update Information:

Update to 3.14. Security fix for CVE-2023-38403

Topics%20covered

Topics Covered

security advisory Fedora security fix critical severity performance tool memory hazard iperf3

Change Log

* Tue Jul 18 2023 Jonathan Wright - 3.14-1 - update to 3.14 rhbz#2183634 - Security fix for CVE-2023-38403 rhbz#2222204 rhbz#2223495 * Mon Feb 20 2023 Jonathan Wright - 3.13-1 - update to 3.13 rhbz#2170949 * Thu Jan 19 2023 Fedora Release Engineering - 3.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Dec 12 2022 Jonathan Wright - 3.12-1 - Update to 3.12 rhbz#2131418 * Tue Sep 27 2022 Davide Cavalca - 3.11-3 - Backport PR#1278: Report number of reorder_seen. Fixes: rhbz#2063959

References


[ 1 ] Bug #2223495 - TRIAGE iperf3: memory allocation hazard and crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2223495

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-5f3b4c0b97' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: iperf3
Product: Fedora 37
Version: 3.14
Release: 1.fc37
URL: https://github.com/esnet/iperf
Summary: Measurement tool for TCP/UDP bandwidth performance

Topics%20covered

Topics Covered

security advisory Fedora security fix critical severity performance tool memory hazard iperf3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here