Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-38403

UNKNOWN
Published 2023-07-17T00:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-38403. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-hgwq-wchh-f9vv

Advisory Details

iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-38403
WEB https://github.com/esnet/iperf/issues/1542
WEB https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9
WEB https://bugs.debian.org/1040830
WEB https://cwe.mitre.org/data/definitions/130.html
WEB https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
WEB https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html
WEB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7
WEB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV
WEB https://security.netapp.com/advisory/ntap-20230818-0016
WEB https://support.apple.com/kb/HT213984
WEB https://support.apple.com/kb/HT213985
WEB http://seclists.org/fulldisclosure/2023/Oct/24
WEB http://seclists.org/fulldisclosure/2023/Oct/26

Advisory provided by GitHub Security Advisory Database. Published: July 17, 2023, Modified: January 9, 2024

References

https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9
https://bugs.debian.org/1040830
https://github.com/esnet/iperf/issues/1542
https://cwe.mitre.org/data/definitions/130.html
https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/
https://security.netapp.com/advisory/ntap-20230818-0016/
https://support.apple.com/kb/HT213984
https://support.apple.com/kb/HT213985
http://seclists.org/fulldisclosure/2023/Oct/24
http://seclists.org/fulldisclosure/2023/Oct/26
Published: 2023-07-17T00:00:00
Last Modified: 2024-11-27T14:33:27.522Z
Copied to clipboard!