A bug exists in the way that the included version of the cjson library handles Unicode literals in JSON string constants. A malformed Unicode literal can cause a process parsing a block of JSON to overwrite a pre-allocated buffer in the heap. Note that this bug has already been fixed in recent versions of cjson.

A malicious process can connect to an iperf3 server and, by sending a malformed message on the control channel, corrupt the server process's heap area. This can lead to a crash (and a denial of service), or theoretically a remote code execution as the user running the iperf3 server. A malicious iperf3 server could potentially mount a similar attack on an iperf3 client.

External references:
https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc
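As an added illustration (not code from iperf3, cjson, or the advisory), here is a bounds-checked scan that rejects malformed Unicode escapes in a JSON message before it reaches a parser. The report does not say which malformation triggers the overwrite, so the rejection rules (truncated or non-hex escapes, unpaired surrogates) are assumptions, and `hex4` and `json_unicode_escapes_ok` are hypothetical names.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Read exactly four hex digits at p without passing end; -1 if malformed. */
static long hex4(const char *p, const char *end)
{
    long v = 0;
    if (end - p < 4) return -1;                 /* escape runs off the buffer */
    for (int i = 0; i < 4; i++) {
        unsigned char c = (unsigned char)p[i];
        if (!isxdigit(c)) return -1;            /* non-hex digit (includes NUL) */
        v = v * 16 + (isdigit(c) ? c - '0' : tolower(c) - 'a' + 10);
    }
    return v;
}

/* Returns 1 if every backslash-u escape in buf[0..len) is complete and any
   surrogate is correctly paired, else 0. Assumed strict policy, not cjson's. */
int json_unicode_escapes_ok(const char *buf, size_t len)
{
    const char *p = buf, *end = buf + len;
    while (p < end) {
        if (*p != '\\') { p++; continue; }
        if (++p >= end) return 0;               /* backslash is the last byte */
        if (*p != 'u') { p++; continue; }       /* other escapes: skip the pair */
        long hi = hex4(p + 1, end);
        if (hi < 0) return 0;
        p += 5;                                 /* past 'u' and four digits */
        if (hi >= 0xDC00 && hi <= 0xDFFF) return 0;   /* lone low surrogate */
        if (hi >= 0xD800 && hi <= 0xDBFF) {           /* high needs a low next */
            if (end - p < 6 || p[0] != '\\' || p[1] != 'u') return 0;
            long lo = hex4(p + 2, end);
            if (lo < 0xDC00 || lo > 0xDFFF) return 0;
            p += 6;
        }
    }
    return 1;
}

int main(void)
{   /* Constructed sample messages: valid, truncated, unpaired surrogate. */
    const char *samples[] = { "{\"k\":\"\\u0041\"}", "{\"k\":\"\\u00", "{\"k\":\"\\ud83d\"}" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("%d  %s\n", json_unicode_escapes_ok(samples[i], strlen(samples[i])), samples[i]);
    return 0;
}
```

A check like this is defence in depth only; the remedy recorded in this bug is updating to the fixed iperf3 packages.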
Created iperf3 tracking bugs for this issue:

Affects: fedora-all [bug 1344616]
Affects: epel-all [bug 1344617]
iperf3-3.1.3-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
iperf3-3.1.3-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
iperf3-3.1.3-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
iperf3-3.0.12-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.