Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE Linux Micro 6.1 Security Update for iperf Important Buffer Overflow

suse
Calendar Grey February 17, 2026
Dist Suse Esm H88
SUSE's important update for iperf addresses critical issues like buffer overflow and Base64Decode assertion failure.
An update that solves three vulnerabilities can now be installed.

Summary

## This update for iperf fixes the following issues: * updated to 3.19.1: * CVE-2025-54349: Fixed off-by-one error heap based buffer overflow in iperf_auth.c (bsc#1247519) * CVE-2025-54350: Fixed Base64Decode assertion failure in iperf_auth.c (bsc#1247520) * CVE-2025-54351: Fixed buffer overflow when --skip-rx-copy is used in net.c (bsc#1247522) * updated to 3.19 * iperf3 now supports the use of Multi-Path TCP (MPTCPv1) on Linux with the use of the `-m` or `--mptcp` flag. (PR #1661) * iperf3 now supports a `--cntl-ka` option to enable TCP keepalives on the control connection. (#812, #835, PR #1423) * iperf3 now supports the `MSG_TRUNC` receive option, specified by the `--skip-rx-copy`. This theoretically improves the rated throughput of tests at high bitrates by not delivering network payload data to userspace.

References

* bsc#1247519

* bsc#1247520

* bsc#1247522

Cross-

* CVE-2025-54349

* CVE-2025-54350

* CVE-2025-54351

CVSS scores:

* CVE-2025-54349 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-54349 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

* CVE-2025-54349 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

* CVE-2025-54350 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2025-54350 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-54350 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-54351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-54351 ( NVD ): 8.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20413-1
Release Date: 2025-09-19T07:54:22Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here