mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity

iperf3: fix CVE-2025-54350

Browse Source 
CVE-2025-54350:
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion
failure and application exit upon a malformed authentication attempt.

Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2025-54350]

Upstream patches:
[https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a]

Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
This commit is contained in:
Zhang Peng
2025-09-17 13:48:31 +08:00
committed by Anuj Mittal
parent db93848ead
commit 92730597e9
2 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch
+39
View File
@@ -0,0 +1,39 @@
From 4cd6c8e85376a33bddd01fac143e27436d41f2b9 Mon Sep 17 00:00:00 2001
From: "Bruce A. Mah" <bmah@es.net>
Date: Tue, 24 Jun 2025 15:58:21 -0700
Subject: [PATCH] Prevent crash due to assertion failures on malformed
authentication attempt.
Reported by Han Lee (Apple Information Security)
CVE-2025-54350
CVE: CVE-2025-54350
Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
src/iperf_auth.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/iperf_auth.c b/src/iperf_auth.c
index 86b4eba..632f03d 100644
--- a/src/iperf_auth.c
+++ b/src/iperf_auth.c
@@ -28,7 +28,6 @@
#include "iperf_config.h"
#include <string.h>
-#include <assert.h>
#include <time.h>
#include <sys/types.h>
/* FreeBSD needs _WITH_GETLINE to enable the getline() declaration */
@@ -152,7 +151,6 @@ int Base64Decode(const char* b64message, unsigned char** buffer, size_t* length)
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Do not use newlines to flush buffer
*length = BIO_read(bio, *buffer, strlen(b64message));
- assert(*length == decodeLen); //length should equal decodeLen, else something went horribly wrong
BIO_free_all(bio);
return (0); //success
--
2.50.0
meta-oe/recipes-benchmark/iperf3/iperf3_3.18.bb
+1
View File
@@ -16,6 +16,7 @@ SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \
file://0002-Remove-pg-from-profile_CFLAGS.patch \
file://0001-configure.ac-check-for-CPP-prog.patch \
file://CVE-2025-54349.patch \
file://CVE-2025-54350.patch \
"
SRCREV = "2a2984488d6de8f7a2d1f5938e03ca7be57e227c"