Platform: linux
Component: iperf
Fixed in: 3.19.1
CVE-2025-54351 describes a buffer overflow vulnerability discovered in iperf3, a widely used network performance measurement tool. This flaw allows a remote attacker to potentially execute arbitrary code by exploiting the --skip-rx-copy option. The vulnerability affects versions of iperf3 prior to 3.19.1, and a patch has been released to address the issue.
The buffer overflow vulnerability in iperf3 allows an attacker to craft malicious input that exceeds the allocated buffer size during network performance testing. Successfully exploiting this vulnerability could lead to arbitrary code execution on the target system. This could grant the attacker complete control over the affected machine, enabling them to install malware, steal sensitive data, or disrupt network operations. Given iperf3's use in network benchmarking and performance analysis, this vulnerability poses a significant risk to systems involved in these activities.
CVE-2025-54351 is not currently listed in the CISA KEV catalog. Proof-of-concept (PoC) exploits are not yet publicly available, but the vulnerability's nature suggests that development of such exploits is likely. The vulnerability was publicly disclosed on 2025-08-03.
EPSS: 0.05% (15th percentile)
The primary mitigation for CVE-2025-54351 is to upgrade to iperf3 version 3.19.1 or later. If upgrading is not immediately feasible, consider temporarily disabling the --skip-rx-copy option, as this is the trigger for the vulnerability. Network firewalls and intrusion detection systems (IDS) should be configured to monitor for unusual network traffic patterns associated with iperf3, particularly those involving the --skip-rx-copy flag. After upgrading, confirm the fix by running iperf3 with the --skip-rx-copy flag and verifying that no crashes or unexpected behavior occur.
Update iperf3 to version 3.19.1 or higher. This version fixes the buffer overflow vulnerability. You can download the new version from the official website or through your operating system's package manager.
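As an added example (not code from this advisory or from the iperf3 project), the shell script below checks the two conditions named in the mitigation: whether the installed iperf3 is older than 3.19.1, and whether any running iperf3 process was started with --skip-rx-copy. It assumes the first line of `iperf3 --version` output has the form "iperf 3.16 (cJSON 1.7.15)" and that `sort -V` is available; all function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: local triage for CVE-2025-54351. Not iperf3 project code.
FIXED_VERSION="3.19.1"   # "Fixed in" value from this advisory

# Pull the version number out of `iperf3 --version` output.
# Assumption: the first line looks like "iperf 3.16 (cJSON 1.7.15)".
parse_iperf3_version() {
    printf '%s\n' "$1" | sed -n '1s/^iperf \([0-9][0-9.]*\).*/\1/p'
}

# Exit status 0 = older than the fix (affected), 1 = fixed, 2 = unparseable.
is_affected() {
    [ -n "$1" ] || return 2
    [ "$1" = "$FIXED_VERSION" ] && return 1
    # sort -V orders version strings numerically per component (3.9 < 3.19.1).
    oldest=$(printf '%s\n%s\n' "$1" "$FIXED_VERSION" | sort -V | head -n 1)
    [ "$oldest" = "$1" ]
}

# Read "PID COMMAND ARGS..." lines (ps -eo pid,args format) on stdin and
# print the PID of every iperf3 process started with --skip-rx-copy.
find_skip_rx_copy() {
    awk '$2 ~ /(^|\/)iperf3$/ {
             for (i = 3; i <= NF; i++)
                 if ($i == "--skip-rx-copy") { print $1; break }
         }'
}

# Check this host: installed version first, then running processes.
report_local() {
    if ! command -v iperf3 >/dev/null 2>&1; then
        echo "iperf3 not found in PATH"; return 0
    fi
    ver=$(parse_iperf3_version "$(iperf3 --version 2>&1)")
    rc=0; is_affected "$ver" || rc=$?
    case $rc in
        0) echo "iperf3 $ver is older than $FIXED_VERSION: upgrade" ;;
        1) echo "iperf3 $ver includes the fix" ;;
        *) echo "could not parse iperf3 version output" ;;
    esac
    pids=$(ps -eo pid,args | find_skip_rx_copy)
    [ -z "$pids" ] || echo "processes using --skip-rx-copy: $pids"
}

# Run the host check only when asked, e.g.: bash check.sh --report
if [ "${1:-}" = "--report" ]; then report_local; fi
```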
CVE-2025-54351 is a HIGH severity buffer overflow vulnerability in iperf3 versions 0-3.19.0. It allows attackers to potentially execute code by exploiting the --skip-rx-copy option.
You are affected if you are using iperf3 versions 0.0.0 through 3.19.0. Upgrade to version 3.19.1 or later to mitigate the risk.
Upgrade to iperf3 version 3.19.1 or later. As a temporary workaround, disable the --skip-rx-copy option.
While no active exploitation has been confirmed, the vulnerability's nature makes it likely that exploits will be developed. Monitor your systems closely.
Refer to the iperf3 project's official website and security advisories for the latest information regarding CVE-2025-54351.