iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
https://support.apple.com/kb/HT213985
https://support.apple.com/kb/HT213984
https://security.netapp.com/advisory/ntap-20230818-0016/
https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html
https://github.com/esnet/iperf/issues/1542
https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9
https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
https://cwe.mitre.org/data/definitions/130.html
https://bugs.debian.org/1040830