Vulnerability from csaf_suse
Published
2023-09-28 12:29
Modified
2023-09-28 12:29
Summary
Security update for iperf
Notes
Title of the patch
Security update for iperf
Description of the patch
This update for iperf fixes the following issues:
- update to 3.15 (bsc#1215662, ESNET-SECADV-2023-0002):
* Several bugs that could allow the iperf3 server to hang waiting
for input on the control connection has been fixed
(ESnet Software Security Advisory ESNET-SECADV-2023-0002)
* A bug that caused garbled output with UDP tests on 32-bit hosts
has been fixed (PR #1554, PR #1556). This bug was introduced in
iperf-3.14.
* A bug in counting UDP messages has been fixed
- update to 3.14 (bsc#1213430, CVE-2023-38403):
* fixes a memory allocation hazard that allowed a remote user to
crash an iperf3 process
* see https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
- update to 3.13:
* Added missing bind_dev getter and setter.
* a fix for A resource leak bug in function iperf_create_pidfile (#1443)
* doc: Fix copy-and-paste error leading to wrong error message
* Fix crash on rcv-timeout with JSON logfile
- update to 3.12:
* cJSON has been updated to version 1.7.15 (#1383).
* The --bind <host>%<dev> option syntax now works properly (#1360 /
* A server-side file descriptor leak with the --logfile option has
been fixed (#1369 / #1360 / #1369 / #1389 / #1393).
* A bug that caused some large values from TCP_INFO to be misprinted
as negative numbers has been fixed (#1372).
* Using the -k or -n flags with --reverse no longer leak into future
tests (#1363 / #1364).
* There are now various debug level options available with the
--debug option. These can be used to adjust the amount of
debugging output (#1327).
* A new --snd-timeout option has been added to set a termination
timeout for idle TCP connections (#1215 / #1282).
* iperf3 is slightly more robust to out-of-order packets during UDP
connection setup in --reverse mode (#914 / #1123 / #1182 / #1212 /
* iperf3 will now use different ports for each direction when the
--cport and --bdir options are set (#1249 / #1259).
* The iperf3 server will now exit if it can't open its log file
* Various help message and output fixes have been made (#1299 /
* Various compiler warnings have been fixed (#1211 / #1316).
* Operation of bootstrap.sh has been fixed and simplified (#1335 /
* Flow label support / compatibility under Linux has been improved
* Various minor memory leaks have been fixed (#1332 / #1333).
* A getter/setter has been added for the bind_port parameter
(--cport option). (#1303, #1305)
* Various internal documentation improvements (#1265 / #1285 / #1304).
- update to 3.11:
* Update links to Discussions in documentation
* Fix DSCP so that TOS = DSCP * 4 (#1162)
* Fix --bind-dev for TCP streams (#1153)
* Fix interface specification so doesn't overlap with IPv6 link-local addresses for -c and -B (#1157, #1180)
* Add get/set test_unit_format function declaration to iperf_api.h
* Auto adjustment of test-end condition for file transfers (-F), if no end condition is set,
it will automatically adjust it to file size in bytes
* Exit if idle time expires waiting for a connection in one-off mode (#1187, #1197)
* Support zerocopy by reverse mode (#1204)
* Update help and manpage text for #1157, support bind device
* Consistently print target_bandwidth in JSON start section (#1177)
* Test bitrate added to JSON output (#1168)
* Remove fsync call after every write to receiving --file (#1176, #1159)
* Update documentation for -w (#1175)
* Fix for #952, different JSON object names for bidir reverse channel
- update to 3.10.1:
* Fixed a problem with autoconf scripts that made builds fail in
some environments (#1154 / #1155).
* GNU autoconf 2.71 or newer is now required to regenerate iperf3's
configure scripts.
- update to 3.10:
* Fix a bug where some --reverse tests didn't terminate (#982 /
#1054).
* Responsiveness of control connections is slightly improved (#1045
/ #1046 / #1063).
* The allowable clock skew when doing authentication between client
and server is now configurable with the new --time-skew-threshold
(#1065 / #1070).
* Bitrate throttling using the -b option now works when a burst size
is specified (#1090).
* A bug with calculating CPU utilization has been fixed (#1076 /
#1077).
* A --bind-dev option to support binding sockets to a given network
interface has been added to make iperf3 work better with
multi-homed machines and/or VRFs (#817 / #1089 / #1097).
* --pidfile now works with --client mode (#1110).
* The server is now less likely to get stuck due to network errors
(#1101, #1125), controlled by the new --rcv-timeout option.
* Fixed a few bugs in termination conditions for byte or
block-limited tests (#1113, #1114, #1115).
* Added tcp_info.snd_wnd to JSON output (#1148).
* Some bugs with garbled JSON output have been fixed (#1086, #1118,
#1143 / #1146).
* Support for setting the IPv4 don't-fragment (DF) bit has been
added with the new --dont-fragment option (#1119).
* A failure with not being able to read the congestion control
algorithm under WSL1 has been fixed (#1061 / #1126).
* Error handling and error messages now make more sense in cases
where sockets were not successfully opened (#1129 / #1132 /
#1136, #1135 / #1138, #1128 / #1139).
* Some buffer overflow hazards were fixed (#1134).
* It is now possible to use the API to set/get the congestion
control algorithm (#1036 / #1112).
- update to 3.9:
* A --timestamps flag has been added, which prepends a timestamp to
each output line. An optional argument to this flag, which is a
format specification to strftime(3), allows for custom timestamp
formats (#909, #1028).
* A --server-bitrate-limit flag has been added as a server-side
command-line argument. It allows a server to enforce a maximum
throughput rate; client connections that specify a higher bitrate
or exceed this bitrate during a test will be terminated. The
bitrate is expressed in bits per second, with an optional trailing
slash and integer count that specifies an averaging interval over
which to enforce the limit (#999).
* A bug that caused increased CPU usage with the --bidir option has
been fixed (#1011).
* Fixed various minor memory leaks (#1023).
- update to 3.8.1
* Minor bugfixes and enhancements
- update to 3.7
* Support for simultaneous bidirectional tests with the --bidir flag
* Use POSIX standard clock_gettime(3) interface for timekeeping where
available
* Passwords for authentication can be provided via environment
variable
* Specifying --repeating-payload and --reverse now works
* Failed authentication doesn't count for --one-off
* Several memory leaks related to authenticated use were fixed
* The delay for tearing down the control connection for the default
timed tests has been increased, to more gracefully handle
high-delay paths
* Various improvements to the libiperf APIs
* Fixed build behavior when OpenSSL is absent
* Portability fixes
- update to 3.6
* A new --extra-data option can be used to fill in a user-defined
string field that appears in JSON output.
* A new --repeating-payload option makes iperf3 use a payload pattern
similar to that used by iperf2, which could help in recreating
results that might be affected by payload entropy (for example,
compression).
* -B now works properly with SCTP tests.
* A compile fix for Solaris 10 was added.
* Some minor bug fixes for JSON output. In particular, warnings for
debug and/or verbose modes with --json output and a fix for
JSON output on CentOS 6
* This maintenance release adds a -1 flag to make the iperf3
execute a single test and exit, needed for an upcoming bwctl
there is only one stream.
Patchnames
SUSE-2023-3887,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3887,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3887,SUSE-Storage-7.1-2023-3887,openSUSE-SLE-15.4-2023-3887,openSUSE-SLE-15.5-2023-3887
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for iperf", title: "Title of the patch", }, { category: "description", text: "This update for iperf fixes the following issues:\n\n- update to 3.15 (bsc#1215662, ESNET-SECADV-2023-0002):\n * Several bugs that could allow the iperf3 server to hang waiting\n for input on the control connection has been fixed\n (ESnet Software Security Advisory ESNET-SECADV-2023-0002)\n * A bug that caused garbled output with UDP tests on 32-bit hosts\n has been fixed (PR #1554, PR #1556). This bug was introduced in\n iperf-3.14.\n * A bug in counting UDP messages has been fixed\n\n- update to 3.14 (bsc#1213430, CVE-2023-38403):\n * fixes a memory allocation hazard that allowed a remote user to\n crash an iperf3 process\n * see https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc\n\n- update to 3.13:\n * Added missing bind_dev getter and setter.\n * a fix for A resource leak bug in function iperf_create_pidfile (#1443)\n * doc: Fix copy-and-paste error leading to wrong error message\n * Fix crash on rcv-timeout with JSON logfile\n\n- update to 3.12:\n * cJSON has been updated to version 1.7.15 (#1383).\n * The --bind <host>%<dev> option syntax now works properly (#1360 /\n * A server-side file descriptor leak with the --logfile option has\n been fixed (#1369 / #1360 / #1369 / #1389 / #1393).\n * A bug that caused some large values from TCP_INFO to be misprinted\n as negative numbers has been fixed (#1372).\n * Using the -k or -n flags with --reverse no longer leak into future\n tests (#1363 / #1364).\n * There are now various debug level options available with the\n --debug option. These can be used to adjust the amount of\n debugging output (#1327).\n * A new --snd-timeout option has been added to set a termination\n timeout for idle TCP connections (#1215 / #1282).\n * iperf3 is slightly more robust to out-of-order packets during UDP\n connection setup in --reverse mode (#914 / #1123 / #1182 / #1212 /\n * iperf3 will now use different ports for each direction when the\n --cport and --bdir options are set (#1249 / #1259).\n * The iperf3 server will now exit if it can't open its log file\n * Various help message and output fixes have been made (#1299 /\n * Various compiler warnings have been fixed (#1211 / #1316).\n * Operation of bootstrap.sh has been fixed and simplified (#1335 /\n * Flow label support / compatibility under Linux has been improved\n * Various minor memory leaks have been fixed (#1332 / #1333).\n * A getter/setter has been added for the bind_port parameter\n (--cport option). (#1303, #1305)\n * Various internal documentation improvements (#1265 / #1285 / #1304).\n\n- update to 3.11:\n * Update links to Discussions in documentation\n * Fix DSCP so that TOS = DSCP * 4 (#1162)\n * Fix --bind-dev for TCP streams (#1153)\n * Fix interface specification so doesn't overlap with IPv6 link-local addresses for -c and -B (#1157, #1180)\n * Add get/set test_unit_format function declaration to iperf_api.h\n * Auto adjustment of test-end condition for file transfers (-F), if no end condition is set, \n it will automatically adjust it to file size in bytes\n * Exit if idle time expires waiting for a connection in one-off mode (#1187, #1197)\n * Support zerocopy by reverse mode (#1204)\n * Update help and manpage text for #1157, support bind device\n * Consistently print target_bandwidth in JSON start section (#1177)\n * Test bitrate added to JSON output (#1168)\n * Remove fsync call after every write to receiving --file (#1176, #1159)\n * Update documentation for -w (#1175)\n * Fix for #952, different JSON object names for bidir reverse channel\n\n- update to 3.10.1:\n * Fixed a problem with autoconf scripts that made builds fail in\n some environments (#1154 / #1155).\n * GNU autoconf 2.71 or newer is now required to regenerate iperf3's\n configure scripts.\n\n- update to 3.10:\n * Fix a bug where some --reverse tests didn't terminate (#982 /\n #1054).\n * Responsiveness of control connections is slightly improved (#1045\n / #1046 / #1063).\n * The allowable clock skew when doing authentication between client\n and server is now configurable with the new --time-skew-threshold\n (#1065 / #1070).\n * Bitrate throttling using the -b option now works when a burst size\n is specified (#1090).\n * A bug with calculating CPU utilization has been fixed (#1076 /\n #1077).\n * A --bind-dev option to support binding sockets to a given network\n interface has been added to make iperf3 work better with\n multi-homed machines and/or VRFs (#817 / #1089 / #1097).\n * --pidfile now works with --client mode (#1110).\n * The server is now less likely to get stuck due to network errors\n (#1101, #1125), controlled by the new --rcv-timeout option.\n * Fixed a few bugs in termination conditions for byte or\n block-limited tests (#1113, #1114, #1115).\n * Added tcp_info.snd_wnd to JSON output (#1148).\n * Some bugs with garbled JSON output have been fixed (#1086, #1118,\n #1143 / #1146).\n * Support for setting the IPv4 don't-fragment (DF) bit has been\n added with the new --dont-fragment option (#1119).\n * A failure with not being able to read the congestion control\n algorithm under WSL1 has been fixed (#1061 / #1126).\n * Error handling and error messages now make more sense in cases\n where sockets were not successfully opened (#1129 / #1132 /\n #1136, #1135 / #1138, #1128 / #1139).\n * Some buffer overflow hazards were fixed (#1134).\n * It is now possible to use the API to set/get the congestion\n control algorithm (#1036 / #1112).\n\n- update to 3.9:\n * A --timestamps flag has been added, which prepends a timestamp to\n each output line. An optional argument to this flag, which is a\n format specification to strftime(3), allows for custom timestamp\n formats (#909, #1028).\n * A --server-bitrate-limit flag has been added as a server-side\n command-line argument. It allows a server to enforce a maximum\n throughput rate; client connections that specify a higher bitrate\n or exceed this bitrate during a test will be terminated. The\n bitrate is expressed in bits per second, with an optional trailing\n slash and integer count that specifies an averaging interval over\n which to enforce the limit (#999).\n * A bug that caused increased CPU usage with the --bidir option has\n been fixed (#1011).\n * Fixed various minor memory leaks (#1023).\n\n- update to 3.8.1\n * Minor bugfixes and enhancements\n\n- update to 3.7\n * Support for simultaneous bidirectional tests with the --bidir flag\n * Use POSIX standard clock_gettime(3) interface for timekeeping where\n available\n * Passwords for authentication can be provided via environment\n variable\n * Specifying --repeating-payload and --reverse now works\n * Failed authentication doesn't count for --one-off\n * Several memory leaks related to authenticated use were fixed\n * The delay for tearing down the control connection for the default\n timed tests has been increased, to more gracefully handle\n high-delay paths\n * Various improvements to the libiperf APIs\n * Fixed build behavior when OpenSSL is absent\n * Portability fixes\n\n- update to 3.6\n * A new --extra-data option can be used to fill in a user-defined\n string field that appears in JSON output.\n * A new --repeating-payload option makes iperf3 use a payload pattern\n similar to that used by iperf2, which could help in recreating\n results that might be affected by payload entropy (for example,\n compression).\n * -B now works properly with SCTP tests.\n * A compile fix for Solaris 10 was added.\n * Some minor bug fixes for JSON output. In particular, warnings for\n debug and/or verbose modes with --json output and a fix for\n JSON output on CentOS 6\n * This maintenance release adds a -1 flag to make the iperf3\n execute a single test and exit, needed for an upcoming bwctl\n there is only one stream.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-3887,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3887,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3887,SUSE-Storage-7.1-2023-3887,openSUSE-SLE-15.4-2023-3887,openSUSE-SLE-15.5-2023-3887", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3887-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:3887-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20233887-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:3887-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016420.html", }, { category: "self", summary: "SUSE Bug 1215662", url: "https://bugzilla.suse.com/1215662", }, { category: "self", summary: "SUSE CVE CVE-2023-38403 page", url: "https://www.suse.com/security/cve/CVE-2023-38403/", }, ], title: "Security update for iperf", tracking: { current_release_date: "2023-09-28T12:29:52Z", generator: { date: "2023-09-28T12:29:52Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:3887-1", initial_release_date: "2023-09-28T12:29:52Z", revision_history: [ { date: "2023-09-28T12:29:52Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "iperf-3.15-150000.3.6.1.aarch64", product: { name: "iperf-3.15-150000.3.6.1.aarch64", product_id: "iperf-3.15-150000.3.6.1.aarch64", }, }, { category: "product_version", name: "iperf-devel-3.15-150000.3.6.1.aarch64", product: { name: "iperf-devel-3.15-150000.3.6.1.aarch64", product_id: "iperf-devel-3.15-150000.3.6.1.aarch64", }, }, { category: "product_version", name: "libiperf0-3.15-150000.3.6.1.aarch64", product: { name: "libiperf0-3.15-150000.3.6.1.aarch64", product_id: "libiperf0-3.15-150000.3.6.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "iperf-3.15-150000.3.6.1.i586", product: { name: "iperf-3.15-150000.3.6.1.i586", product_id: "iperf-3.15-150000.3.6.1.i586", }, }, { category: "product_version", name: "iperf-devel-3.15-150000.3.6.1.i586", product: { name: "iperf-devel-3.15-150000.3.6.1.i586", product_id: "iperf-devel-3.15-150000.3.6.1.i586", }, }, { category: "product_version", name: "libiperf0-3.15-150000.3.6.1.i586", product: { name: "libiperf0-3.15-150000.3.6.1.i586", product_id: "libiperf0-3.15-150000.3.6.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "iperf-3.15-150000.3.6.1.ppc64le", product: { name: "iperf-3.15-150000.3.6.1.ppc64le", product_id: "iperf-3.15-150000.3.6.1.ppc64le", }, }, { category: "product_version", name: "iperf-devel-3.15-150000.3.6.1.ppc64le", product: { name: "iperf-devel-3.15-150000.3.6.1.ppc64le", product_id: "iperf-devel-3.15-150000.3.6.1.ppc64le", }, }, { category: "product_version", name: "libiperf0-3.15-150000.3.6.1.ppc64le", product: { name: "libiperf0-3.15-150000.3.6.1.ppc64le", product_id: "libiperf0-3.15-150000.3.6.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "iperf-3.15-150000.3.6.1.s390x", product: { name: "iperf-3.15-150000.3.6.1.s390x", product_id: "iperf-3.15-150000.3.6.1.s390x", }, }, { category: "product_version", name: "iperf-devel-3.15-150000.3.6.1.s390x", product: { name: "iperf-devel-3.15-150000.3.6.1.s390x", product_id: "iperf-devel-3.15-150000.3.6.1.s390x", }, }, { category: "product_version", name: "libiperf0-3.15-150000.3.6.1.s390x", product: { name: "libiperf0-3.15-150000.3.6.1.s390x", product_id: "libiperf0-3.15-150000.3.6.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "iperf-3.15-150000.3.6.1.x86_64", product: { name: "iperf-3.15-150000.3.6.1.x86_64", product_id: "iperf-3.15-150000.3.6.1.x86_64", }, }, { category: "product_version", name: "iperf-devel-3.15-150000.3.6.1.x86_64", product: { name: "iperf-devel-3.15-150000.3.6.1.x86_64", product_id: "iperf-devel-3.15-150000.3.6.1.x86_64", }, }, { category: "product_version", name: "libiperf0-3.15-150000.3.6.1.x86_64", product: { name: "libiperf0-3.15-150000.3.6.1.x86_64", product_id: "libiperf0-3.15-150000.3.6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Package Hub 15 SP4", product: { name: "SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:packagehub:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product: { name: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:packagehub:15:sp5", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 7.1", product: { name: "SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1", product_identification_helper: { cpe: "cpe:/o:suse:ses:7.1", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, { category: "product_name", name: "openSUSE Leap 15.5", product: { name: "openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-3.15-150000.3.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-devel-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-devel-3.15-150000.3.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.aarch64", }, product_reference: "libiperf0-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.ppc64le", }, product_reference: "libiperf0-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.s390x", }, product_reference: "libiperf0-3.15-150000.3.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.x86_64", }, product_reference: "libiperf0-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-3.15-150000.3.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-devel-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-devel-3.15-150000.3.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.aarch64", }, product_reference: "libiperf0-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.ppc64le", }, product_reference: "libiperf0-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.s390x", }, product_reference: "libiperf0-3.15-150000.3.6.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.x86_64", }, product_reference: "libiperf0-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.aarch64", }, product_reference: "libiperf0-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.x86_64", }, product_reference: "libiperf0-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-3.15-150000.3.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-devel-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-devel-3.15-150000.3.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.aarch64", }, product_reference: "libiperf0-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.ppc64le", }, product_reference: "libiperf0-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.s390x", }, product_reference: "libiperf0-3.15-150000.3.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.x86_64", }, product_reference: "libiperf0-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-3.15-150000.3.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "iperf-3.15-150000.3.6.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.aarch64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.ppc64le", }, product_reference: "iperf-devel-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.s390x", }, product_reference: "iperf-devel-3.15-150000.3.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "iperf-devel-3.15-150000.3.6.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.x86_64", }, product_reference: "iperf-devel-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.aarch64", }, product_reference: "libiperf0-3.15-150000.3.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.ppc64le", }, product_reference: "libiperf0-3.15-150000.3.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.s390x", }, product_reference: "libiperf0-3.15-150000.3.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libiperf0-3.15-150000.3.6.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.x86_64", }, product_reference: "libiperf0-3.15-150000.3.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, ], }, vulnerabilities: [ { cve: "CVE-2023-38403", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-38403", }, ], notes: [ { category: "general", text: "iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.aarch64", "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.x86_64", "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-38403", url: "https://www.suse.com/security/cve/CVE-2023-38403", }, { category: "external", summary: "SUSE Bug 1213430 for CVE-2023-38403", url: "https://bugzilla.suse.com/1213430", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.aarch64", "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.x86_64", "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.aarch64", "SUSE Enterprise Storage 7.1:iperf-3.15-150000.3.6.1.x86_64", "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Enterprise Storage 7.1:libiperf0-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:iperf-devel-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP4:libiperf0-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:iperf-devel-3.15-150000.3.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP5:libiperf0-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:iperf-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:iperf-devel-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.4:libiperf0-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:iperf-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:iperf-devel-3.15-150000.3.6.1.x86_64", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.aarch64", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.ppc64le", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.s390x", "openSUSE Leap 15.5:libiperf0-3.15-150000.3.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-09-28T12:29:52Z", details: "important", }, ], title: "CVE-2023-38403", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.