CVE-2025-54351

CRITICAL EPSS 30.2%
Published Aug 3, 202511mo ago ยท Modified Jun 17, 20261w ago
10.0 CVSS 3.1
Critical
Find Similar
Published Aug 3, 2025 11mo ago
Last Modified Jun 17, 2026 1w ago

Description

In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).

CVSS Details

Base Score
10.0
Exploitability
3.9
Impact
6.0
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
30.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-420

Affected Products 1

VendorProductVersionRange
esiperf33.19any

References 2

  • github.com https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0
    Patch
  • github.com https://github.com/esnet/iperf/releases/tag/3.19.1
    Release Notes

Remediation

  • github.com https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0
    Patch