CVE-2025-54351
- Source
- https://cve.org/CVERecord?id=CVE-2025-54351
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-54351.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-54351
- Downstream
- Related
- Published
- 2025-08-03T02:15:37.380Z
- Modified
- 2026-02-17T06:42:10.891846Z
- Severity
-
- 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).
- References
Affected packages
Git / github.com/esnet/iperf
Affected ranges
- Type
- GIT
- Repo
- https://github.com/esnet/iperf
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.0-RELEASE
2.0.1-RELEASE
2.0.2-RELEASE
2.0.3-RELEASE
2.0.4-RELEASE
3.*
3.0-ALPHA1
3.0-BETA1
3.0-BETA2
3.0-BETA3
3.0-BETA4
3.0-BETA5
3.0.1
3.0.4
3.1
3.10
3.10.1
3.11
3.12
3.13
3.14
3.15
3.16
3.16-beta1
3.17.1
3.18
3.19
3.1b1
3.1b2
3.1b3
3.2
3.2rc1
3.3
3.4
3.5
3.6
3.7
3.8
3.8.1
3.9
iperf-3.*
iperf-3.0a1
Other
iperf3
trunk
Database specific
vanir_signatures
[
{
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/net.c",
"function": "Nrecv"
},
"digest": {
"length": 1143.0,
"function_hash": "106754048435993421371103722541207670380"
},
"id": "CVE-2025-54351-216e44d1",
"source": "https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/net.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"32069343430088178690693599257640083000",
"155081654813016190320025480782412286210",
"283023448728263561806811487607167057863",
"300337696464580010152894795017778262597",
"313065390166114718566480872835735404786",
"314249823145358004879035965698132656374",
"32187999371874724301125581875207432576",
"173537867481905995912095372489662167498",
"171754298262011829441506255233584333041",
"167012814525468168370036117967073934280",
"132927510004657017148772691476155412755",
"337736796829847472632816814823325542326",
"304265774051339906743674745602504015222",
"227258586638599940439333799693813233921",
"122505816253579806055946100211523680555",
"221145903285853186837464146271087804748",
"60303164895671775093740835976763091911",
"246728094936250580783304485935073041220",
"256550544988934875386689502897207731010",
"260761597470167823251478258196861480293",
"74304528607843985386342624545941948622",
"180091905530473344708007724100318166586",
"262854086518539490727188458766430843591",
"190702219456582815482958778836885498026"
]
},
"id": "CVE-2025-54351-d05417ad",
"source": "https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0",
"signature_type": "Line"
},
{
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/net.c",
"function": "Nrecv_no_select"
},
"digest": {
"length": 470.0,
"function_hash": "289136881041769423876731907534497810987"
},
"id": "CVE-2025-54351-fdea148c",
"source": "https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0",
"signature_type": "Function"
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-54351.json"