Bug 32120 - iperf new security issue fixed upstream in 3.14 (CVE-2023-38403)
Summary: iperf new security issue fixed upstream in 3.14 (CVE-2023-38403)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8TOO MGA8-64-OK MGA9-64-OK
Keywords: advisory, has_procedure, validated_update
Depends on:
Blocks:
 
Reported: 2023-07-18 16:10 CEST by David Walser
Modified: 2023-09-30 21:18 CEST
7 users

See Also:
Source RPM: iperf-3.9-2.mga9.src.rpm
CVE:
Status comment: Fixed upstream in 3.14



Description David Walser 2023-07-18 16:10:19 CEST
Debian has issued an advisory on July 17:
https://www.debian.org/security/2023/dsa-5455

The issue is fixed upstream in 3.14.

Mageia 8 is also affected.
Comment 1 Lewis Smith 2023-07-19 20:40:51 CEST
This pkg is officially with Sander, but I am unsure that he is with us these days. So assigning globally, CC'ing him.

Assignee: bugsquad => pkg-bugs
Status comment: (none) => fixed upstream in 3.14
CC: (none) => mageia

Comment 2 David Walser 2023-07-24 23:19:21 CEST
This is:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38403

Summary: iperf new security issue fixed upstream in 3.14 => iperf new security issue fixed upstream in 3.14 (CVE-2023-38403)
Status comment: fixed upstream in 3.14 => Fixed upstream in 3.14
Whiteboard: (none) => MGA8TOO

Comment 3 Mike Rambo 2023-09-03 17:37:48 CEST
Package updated for cauldron, Mageia 9, and Mageia 8


Advisory:
========================

Patched iperf package fixes security vulnerability:

It was discovered that iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field (CVE-2023-38403).


References:
https://www.debian.org/security/2023/dsa-5455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38403
========================

Updated packages in core/updates_testing:
========================
iperf-3.14-1.mga8
lib64iperf0-3.14-1.mga8
lib64iperf-devel-3.14-1.mga8

from iperf-3.14-1.mga8.src.rpm

(for mga9)
iperf-3.14-1.mga9
lib64iperf0-3.14-1.mga9
lib64iperf-devel-3.14-1.mga9

from iperf-3.14-1.mga9.src.rpm

test procedure https://bugs.mageia.org/show_bug.cgi?id=18743#c3

Keywords: (none) => has_procedure
CC: (none) => mhrambo3501
Version: Cauldron => 9
Assignee: pkg-bugs => qa-bugs

Comment 4 Dave Hodgins 2023-09-03 19:44:07 CEST
m8 client/host within my LAN with the server running iperf3 -s
# iperf3 -c 192.168.10.2 
Connecting to host 192.168.10.2, port 5201
[  5] local 192.168.10.101 port 33576 connected to 192.168.10.2 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  95.2 MBytes   799 Mbits/sec    0   1.16 MBytes       
[  5]   1.00-2.00   sec   106 MBytes   891 Mbits/sec    0   2.09 MBytes       
[  5]   2.00-3.00   sec   102 MBytes   860 Mbits/sec    0   2.65 MBytes       
[  5]   3.00-4.00   sec  95.0 MBytes   797 Mbits/sec    0   2.65 MBytes       
[  5]   4.00-5.00   sec   104 MBytes   870 Mbits/sec    0   2.65 MBytes       
[  5]   5.00-6.00   sec  96.2 MBytes   808 Mbits/sec    0   2.65 MBytes       
[  5]   6.00-7.00   sec   105 MBytes   881 Mbits/sec    0   2.65 MBytes       
[  5]   7.00-8.00   sec   101 MBytes   848 Mbits/sec    0   2.65 MBytes       
[  5]   8.00-9.00   sec  98.8 MBytes   829 Mbits/sec    0   2.65 MBytes       
[  5]   9.00-10.00  sec   100 MBytes   840 Mbits/sec    0   2.80 MBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  1004 MBytes   842 Mbits/sec    0             sender
[  5]   0.00-10.00  sec  1002 MBytes   840 Mbits/sec                  receiver

iperf Done.

Will test m9 later today

Whiteboard: MGA8TOO => MGA8TOO MGA8-64-OK
CC: (none) => davidwhodgins

Comment 5 Brian Rockwell 2023-09-23 19:33:32 CEST
M9-64bit - I set up both client and server iperf3

-----------------------------------------------------------
Server listening on 5201 (test #1)
-----------------------------------------------------------
Accepted connection from 192.168.10.147, port 45788
[  5] local 192.168.10.103 port 5201 connected to 192.168.10.147 port 49362
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   1.00-2.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   2.00-3.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   3.00-4.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   4.00-5.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   5.00-6.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   6.00-7.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   7.00-8.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   8.00-9.00   sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]   9.00-10.00  sec  11.2 MBytes  11.2 MBytes/sec                  
[  5]  10.00-10.00  sec  31.1 KBytes  10.2 MBytes/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-10.00  sec   112 MBytes  11.2 MBytes/sec                  receiver

Working from my perspective on m9.

CC: (none) => brtians1
Whiteboard: MGA8TOO MGA8-64-OK => MGA8TOO MGA8-64-OK MGA9-64-OK

Comment 6 Thomas Andrews 2023-09-24 02:41:38 CEST
Validating. Advisory in comment 3.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 7 Marja Van Waes 2023-09-30 13:52:24 CEST
Sorry, I had missed that this one had been validated.
Advisory uploaded now.

Keywords: (none) => advisory
CC: (none) => marja11

Comment 8 Mageia Robot 2023-09-30 21:18:23 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0271.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

