Jul 01, 2015 - 12:00 a.m.

K16831 : BSD regex library vulnerability CVE-2015-2305

my.f5.com

AI Score: 8.3 High (Confidence: Low)

CVSS2: 6.8 Medium

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS: 0.007 Low (Percentile: 78.9%)

Security Advisory Description

Description

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. (CVE-2015-2305)
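The failure class named in the description, shown as an added example that is not part of the advisory or of the library's code: a buffer size derived from the pattern length wraps in 32-bit arithmetic, and a checked version refuses the pattern instead. The element type `sop_t`, the growth formula and the function names are assumptions for illustration; `size32_t` models a 32-bit `size_t` so the wraparound also reproduces on a 64-bit host.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumptions for illustration (not from the advisory): a 4-byte compiled-
 * pattern element and a buffer that grows as len/2*3+1 elements. */
typedef uint32_t sop_t;
typedef uint32_t size32_t;   /* models size_t on a 32-bit platform */

/* Unchecked sizing: the byte count silently wraps modulo 2^32. */
size32_t unchecked_alloc_bytes(size32_t pattern_len)
{
    size32_t count = pattern_len / 2 * 3 + 1;
    return count * (size32_t)sizeof(sop_t);
}

/* Checked sizing: rejects any pattern whose buffer size cannot be
 * represented, instead of returning a wrapped (too small) value. */
bool checked_alloc_bytes(size32_t pattern_len, size32_t *out_bytes)
{
    size32_t half = pattern_len / 2;
    if (half > (UINT32_MAX - 1) / 3)
        return false;                      /* element count would wrap */
    size32_t count = half * 3 + 1;
    if (count > UINT32_MAX / sizeof(sop_t))
        return false;                      /* byte count would wrap */
    *out_bytes = count * (size32_t)sizeof(sop_t);
    return true;
}

int main(void)
{
    /* Constructed inputs: a short pattern and a ~683 MiB pattern length. */
    size32_t lens[] = { 10u, 715827884u };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        size32_t safe = 0;
        bool ok = checked_alloc_bytes(lens[i], &safe);
        printf("len=%u unchecked=%u bytes, checked=%s\n",
               (unsigned)lens[i], (unsigned)unchecked_alloc_bytes(lens[i]),
               ok ? "accepted" : "rejected");
    }
    return 0;
}
```

For the large constructed length the unchecked computation yields a 12-byte allocation, which is why code that later writes one element per pattern token overruns the heap buffer; capping the accepted pattern length from untrusted sources is a second, independent safeguard.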

Impact

There is no impact; F5 products are not affected by this vulnerability.

Status

To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:

| Product | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature |
| --- | --- | --- | --- | --- |
| BIG-IP LTM | None | 11.0.0 - 11.6.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP AAM | None | 11.4.0 - 11.6.0 | Not vulnerable | None |
| BIG-IP AFM | None | 11.3.0 - 11.6.0 | Not vulnerable | None |
| BIG-IP Analytics | None | 11.0.0 - 11.6.0 | Not vulnerable | None |
| BIG-IP APM | None | 11.0.0 - 11.6.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP ASM | None | 11.0.0 - 11.6.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP Edge Gateway | None | 11.0.0 - 11.3.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP GTM | None | 11.0.0 - 11.6.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP Link Controller | None | 11.0.0 - 11.6.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP PEM | None | 11.3.0 - 11.6.0 | Not vulnerable | None |
| BIG-IP PSM | None | 11.0.0 - 11.4.1, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP WebAccelerator | None | 11.0.0 - 11.3.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| BIG-IP WOM | None | 11.0.0 - 11.3.0, 10.1.0 - 10.2.4 | Not vulnerable | None |
| ARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None |
| Enterprise Manager | None | 3.0.0 - 3.1.1 | Not vulnerable | None |
| FirePass | None | 7.0.0, 6.0.0 - 6.1.0 | Not vulnerable | None |
| BIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None |
| BIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None |
| BIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None |
| BIG-IQ ADC | None | 4.5.0 | Not vulnerable | None |
| LineRate | None | 2.5.0 - 2.6.0 | Not vulnerable | None |
| F5 WebSafe | None | 1.0.0 | Not vulnerable | None |
| Traffix SDC | None | 4.0.0 - 4.4.0, 3.3.2 - 3.5.1 | Not vulnerable | None |

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.

Recommended Action

None

Supplemental Information
