Bugzilla – Bug 1224262
VUL-0: CVE-2024-26306: iperf: vulnerable to marvin attack if the authentication option is used
Last modified: 2024-07-11 09:20:08 UTC
iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26306 https://www.cve.org/CVERecord?id=CVE-2024-26306 https://downloads.es.net/pub/iperf/esnet-secadv-2024-0001.txt.asc https://github.com/esnet/iperf/releases/tag/3.17 https://bugzilla.redhat.com/show_bug.cgi?id=2270270
The fixing commit seems to be available at: https://github.com/esnet/iperf/commit/de9c34bbc53de7bbbdf44b06a391c4ad6714cb25 Do note, however, that the upstream release note [0] says that this is a breaking change. [0] https://github.com/esnet/iperf/releases/tag/3.17
This is an autogenerated message for OBS integration: This bug (1224262) was mentioned in https://build.opensuse.org/request/show/1174204 Factory / iperf
SUSE-SU-2024:1981-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1224262 CVE References: CVE-2024-26306 Maintenance Incident: [SUSE:Maintenance:34198](https://smelt.suse.de/incident/34198/) Sources used: openSUSE Leap 15.5 (src): iperf-3.17.1-150000.3.9.1 openSUSE Leap 15.6 (src): iperf-3.17.1-150000.3.9.1 SUSE Package Hub 15 15-SP5 (src): iperf-3.17.1-150000.3.9.1 SUSE Package Hub 15 15-SP6 (src): iperf-3.17.1-150000.3.9.1 SUSE Enterprise Storage 7.1 (src): iperf-3.17.1-150000.3.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
all updates have been submitted