Home > Vulnerability Database > CVE-2025-54351

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2025-54351

Good to know:

Date: August 2, 2025

In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).

Severity Score

8.9

Related Resources (5)

Url: https://github.com/esnet/iperf/releases/tag/3.19.1

Url: https://security.alpinelinux.org/vuln/CVE-2025-54351

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-54351

Url: https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0

Url: https://www.mend.io/vulnerability-database/CVE-2025-54351

Severity Score

8.9

Weakness Type (CWE)

Unprotected Alternate Channel

CWE-420

Top Fix

Upgrade Version

Upgrade to version https://github.com/esnet/iperf.git - 3.19.1

CVSS v3.1

Base Score:	8.9
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	LOW

Do you need more information?

Contact Us