Back to bug 2222204
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Mauro Matteo Cascella | 2023-07-12 09:11:50 UTC | Depends On | 2222205, 2222206 | |
| Mauro Matteo Cascella | 2023-07-12 09:12:18 UTC | Blocks | 2222207 | |
| FrantiĆĄek Hrdina | 2023-07-12 09:14:12 UTC | CC | fhrdina | |
| TEJ RATHI | 2023-07-18 04:54:01 UTC | Depends On | 2223495 | |
| TEJ RATHI | 2023-07-18 04:58:12 UTC | Summary | TRIAGE iperf3: memory allocation hazard and crash | TRIAGE-CVE-2023-38403 TRIAGE iperf3: memory allocation hazard and crash |
| Alias | TRIAGE-CVE-2023-38403 | |||
| Carl George đ€ | 2023-07-19 02:36:17 UTC | CC | carl | |
| TEJ RATHI | 2023-07-20 12:05:59 UTC | Comment | 0 | updated |
| Mauro Matteo Cascella | 2023-07-20 15:11:32 UTC | Depends On | 2223729 | |
| Mauro Matteo Cascella | 2023-07-20 15:12:57 UTC | Depends On | 2223676 | |
| Zack Miele | 2023-07-20 15:49:33 UTC | Doc Text | An integer overflow flaw was found in the way iperf3 dynamically allocates memory buffers for JSON formatted messages. A remote attacker could send a specially crafted sequence of bytes on the iperf3 control channel with a specified JSON message length of 0xffffffff to trigger an integer overflow leading the receiving process to abort due to heap corruption. An attacker could use a malicious client to cause a denial of service of an iperf3 server or potentially use a malicious server to cause connecting clients to crash. | |
| Zack Miele | 2023-07-20 17:07:57 UTC | Severity | medium | high |
| Priority | medium | high | ||
| RaTasha Tillery-Smith | 2023-07-20 17:26:26 UTC | Doc Text | An integer overflow flaw was found in the way iperf3 dynamically allocates memory buffers for JSON formatted messages. A remote attacker could send a specially crafted sequence of bytes on the iperf3 control channel with a specified JSON message length of 0xffffffff to trigger an integer overflow leading the receiving process to abort due to heap corruption. An attacker could use a malicious client to cause a denial of service of an iperf3 server or potentially use a malicious server to cause connecting clients to crash. | An integer overflow flaw was found in the way iperf3 dynamically allocates memory buffers for JSON-formatted messages. A remote attacker could send a specially crafted sequence of bytes on the iperf3 control channel with a specified JSON message length of 0xffffffff to trigger an integer overflow leading the receiving process to abort due to heap corruption. This flaw allows an attacker to use a malicious client to cause a denial of service of an iperf3 server or potentially use a malicious server to cause connecting clients to crash. |
| Zack Miele | 2023-07-20 20:05:38 UTC | Alias | TRIAGE-CVE-2023-38403 | CVE-2023-38403 |
| Summary | TRIAGE-CVE-2023-38403 TRIAGE iperf3: memory allocation hazard and crash | CVE-2023-38403 CVE-2023-38403 TRIAGE iperf3: memory allocation hazard and crash | ||
| Zack Miele | 2023-07-20 20:07:49 UTC | Summary | CVE-2023-38403 CVE-2023-38403 TRIAGE iperf3: memory allocation hazard and crash | CVE-2023-38403 TRIAGE iperf3: memory allocation hazard and crash |
| Zack Miele | 2023-07-20 20:13:40 UTC | Depends On | 2224435, 2224437, 2224436 | |
| Zack Miele | 2023-07-20 20:13:59 UTC | Summary | CVE-2023-38403 TRIAGE iperf3: memory allocation hazard and crash | CVE-2023-38403 iperf3: memory allocation hazard and crash |
| Zack Miele | 2023-07-20 20:24:45 UTC | Depends On | 2224442, 2224440, 2224447, 2224441, 2224439, 2224444, 2224446, 2224445, 2224443 | |
| Joe Orton | 2023-07-21 08:55:27 UTC | CC | jorton | |
| Zack Miele | 2023-07-21 13:05:28 UTC | Depends On | 2224558 | |
| Stepan Broz | 2023-07-24 09:05:16 UTC | CC | sbroz | |
| Bryan Mason | 2023-07-27 17:18:09 UTC | QA Contact | bmason | |
| Bryan Mason | 2023-07-27 17:19:23 UTC | QA Contact | bmason | |
| errata-xmlrpc | 2023-07-31 08:53:11 UTC | Link ID | Red Hat Product Errata RHSA-2023:4326 | |
| errata-xmlrpc | 2023-08-01 14:10:48 UTC | Link ID | Red Hat Product Errata RHSA-2023:4416 | |
| errata-xmlrpc | 2023-08-01 14:11:08 UTC | Link ID | Red Hat Product Errata RHSA-2023:4414 | |
| errata-xmlrpc | 2023-08-01 14:11:12 UTC | Link ID | Red Hat Product Errata RHSA-2023:4415 | |
| errata-xmlrpc | 2023-08-02 13:27:05 UTC | Link ID | Red Hat Product Errata RHSA-2023:4431 | |
| errata-xmlrpc | 2023-08-02 13:30:57 UTC | Link ID | Red Hat Product Errata RHSA-2023:4432 | |
| errata-xmlrpc | 2023-08-08 15:36:50 UTC | Link ID | Red Hat Product Errata RHSA-2023:4571 | |
| errata-xmlrpc | 2023-08-08 15:37:31 UTC | Link ID | Red Hat Product Errata RHSA-2023:4570 | |
| Product Security DevOps Team | 2023-08-08 21:00:31 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2023-08-08 21:00:31 UTC |
Back to bug 2222204