Lucene search
F5CVELIST:CVE-2018-15311HistoryOct 09, 2018 - 12:00 a.m.
CVE-2018-15311
2018-10-0900:00:00
f5
www.cve.org
0.001 Low
EPSS
Percentile
47.2%
When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing specially crafted TCP traffic with the Large Receive Offload (LRO) feature enabled, TMM may crash, leading to a failover event. This vulnerability is not exposed unless LRO is enabled, so most affected customers will be on 13.1.x. LRO has been available since 11.4.0 but is not enabled by default until 13.1.0.
CNA Affected
[
{
"product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "13.0.0-13.1.0.5"
},
{
"status": "affected",
"version": "12.1.0-12.1.3.5"
},
{
"status": "affected",
"version": "11.6.0-11.6.3.2"
},
{
"status": "affected",
"version": "11.5.1-11.5.6"
}
]
}
]References
Related
prion
prion
Design/Logic Flaw
2018-10-10 14:29:00
nessus
nessus
F5 Networks BIG-IP : TMM with LRO vulnerability (K07550539)
2018-11-02 00:00:00
nvd
nvd
CVE-2018-15311
2018-10-10 14:29:00
cve
cve
CVE-2018-15311
2018-10-10 14:29:00
f5
f5
TMM with LRO vulnerability CVE-2018-15311
2018-10-10 01:34:00