Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

SUSE: iperf Important Network Security Update 2025:20795-1 (CVE-2025-54349)

suse
Calendar Grey September 26, 2025
Dist Suse Esm H88
Important security update for iperf resolves multiple vulnerabilities, enhancing system protection and network efficiency.
* bsc#1247519 * bsc#1247520 * bsc#1247522 Cross-References:

Summary

## This update for iperf fixes the following issues: * updated to 3.19.1: * CVE-2025-54349: Fixed off-by-one error heap based buffer overflow in iperf_auth.c (bsc#1247519) * CVE-2025-54350: Fixed Base64Decode assertion failure in iperf_auth.c (bsc#1247520) * CVE-2025-54351: Fixed buffer overflow when --skip-rx-copy is used in net.c (bsc#1247522) * updated to 3.19 * iperf3 now supports the use of Multi-Path TCP (MPTCPv1) on Linux with the use of the `-m` or `--mptcp` flag. (PR #1661) * iperf3 now supports a `--cntl-ka` option to enable TCP keepalives on the control connection. (#812, #835, PR #1423) * iperf3 now supports the `MSG_TRUNC` receive option, specified by the `--skip-rx-copy`. This theoretically improves the rated throughput of tests at high bitrates by not delivering network payload data to userspace.

References

* bsc#1247519

* bsc#1247520

* bsc#1247522

Cross-

* CVE-2025-54349

* CVE-2025-54350

* CVE-2025-54351

CVSS scores:

* CVE-2025-54349 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-54349 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

* CVE-2025-54349 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

* CVE-2025-54350 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2025-54350 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-54350 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-54351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-54351 ( NVD ): 8.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20795-1
Release Date: 2025-09-19T07:54:22Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here