K02333782 : BIG-IP HTTP/2 vulnerability CVE-2021-22999

Security Advisory Description

The BIG-IP system provides an option to connect HTTP/2 clients to HTTP/1.x servers. When a client is slow to accept responses and it closes a connection prematurely, the BIG-IP system may indefinitely retain some streams unclosed. (CVE-2021-22999)

Impact

A remote attacker may cause the Traffic Management Microkernel (TMM) to leak memory and, over time, consume excessive system resources, leading to slow operation and eventual failover to a standby host.