K01153535 : BIG-IP AWS vulnerability CVE-2021-23051

Security Advisory Description

When the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862. (CVE-2021-23051)

Impact

Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only. This issue does not affect any other hardware, virtual platforms, or cloud providers, as the affected driver is specific to AWS.