Advisories » MGASA-2026-0021

Updated iperf packages fix security vulnerabilities

Publication date: 27 Jan 2026
Modification date: 27 Jan 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-54349 , CVE-2025-54350

Description

In iperf before 3.19.1, iperf_auth.c has an off-by-one error and
resultant heap-based buffer overflow. (CVE-2025-54349)
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion
failure and application exit upon a malformed authentication attempt.
(CVE-2025-54350)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35047
• https://ubuntu.com/security/notices/USN-7970-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54349
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54350

SRPMS

9/core

• iperf-3.18-1.1.mga9