## This update for iperf fixes the following issues: Update to 3.18 (bsc#1234705, CVE-2024-53580): * SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. (CVE-2024-53580) This has now been fixed. (PR#1810) * UDP packets per second now reports the correct number of packets, by reporting NET_SOFTERROR if there's a EAGAIN/EINTR errno if no data was sent (#1367/PR#1379). * Several segmentation faults related to threading were fixed. One where `pthread_cancel` was called on an improperly initialized thread (#1801), another where threads were being recycled (#1760/PR#1761), and another where threads were improperly handling signals (#1750/PR#1752). * A segmentation fault from calling `freeaddrinfo` with `NULL` was fixed
* bsc#1234705
Cross-
* CVE-2024-53580
CVSS scores:
* CVE-2024-53580 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53580 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53580 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* SUSE Linux Micro 6.0
* SUSE Linux Micro Extras 6.0
An update that solves one vulnerability can now be installed.
##
* https://www.suse.com/security/cve/CVE-2024-53580.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234705
Get the latest Linux and open source security news straight to your inbox.