Security Advisory Description
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption. (CVE-2024-21771)
Impact
When attackers exploit this vulnerability, the TMM restarts and the BIG-IP system temporarily fails to process traffic while it recovers. Also, devices configured in a device group may fail over.
This issue affects BIG-IP AFM systems that have the Intrusion Prevention System (IPS) license with the Protocol Inspection Profile applied on a virtual server or BIG-IP AFM network firewall rule.