VDB
GCVE-110-MAGEIA-2024-226
GCVE-110-MAGEIA-2024-226
Advisory Published
iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with
RSA authentication, allows a timing side channel in RSA decryption
operations. This side channel could be sufficient for an attacker to
recover credential plaintext. It requires the attacker to send a large
number of messages for decryption, as described in "Everlasting ROBOT:
the Marvin Attack" by Hubert Kario.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | iperf | 0 (affected), 3.17.1-1.mga9 (unaffected), 0 (affected), 3.17.1-1.mga9 (unaffected) | — |
| Mageia | kmetronome | 0 (affected), 1.3.1-1.1.mga9 (unaffected) | — |
| Mageia | drumstick | 0 (affected), 2.7.2-1.1.mga9 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.