CVE Vulnerabilities

CVE-2025-54351

Unprotected Alternate Channel

Published: Aug 03, 2025 | Modified: Aug 05, 2025
CVSS 3.x
10
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
8.9 IMPORTANT
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
Ubuntu
MEDIUM

In iperf before 3.19.1, net.c has a buffer overflow when –skip-rx-copy is used (for MSG_TRUNC in recv).

Weakness

The product protects a primary channel, but it does not use the same level of protection for an alternate channel.

Affected Software

Name Vendor Start Version End Version
Iperf Iperf_project * 3.19.1 (excluding)

Potential Mitigations

References