CVE-2023-7250

Published: Mar 18, 2024Modified: Nov 3, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: secalert@redhat.com (Secondary)

Description

A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.

Affected (8)

Products: Es: Iperf3 · Redhat: Enterprise Linux, Enterprise Linux For Arm 64, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Power Little Endian

1 product

Iperf3

Redhat

4 products

Enterprise Linux

Enterprise Linux For Arm 64

Enterprise Linux For Ibm Z Systems

Enterprise Linux For Power Little Endian

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Es Iperf3	Before 3.15

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux	Version 9.0
Redhat Enterprise Linux For Arm 64	Version 8.0_aarch64
Redhat Enterprise Linux For Arm 64	Version 9.0_aarch64
Redhat Enterprise Linux For Ibm Z Systems	Version 8.0_s390x
Redhat Enterprise Linux For Ibm Z Systems	Version 9.0_s390x
Redhat Enterprise Linux For Power Little Endian	Version 8.0_ppc64le