zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this vulnerability. (CVE-2020-27725)
Impact
The memory leak by the zxfrd process eventually causes the system to experience an out-of-memory condition. As a result, systems in a high availability (HA) configuration may experience a failover. This vulnerability affects only BIG-IP systems that are provisioned with BIG-IP DNS or BIG-IP GTM and at least one DNS zone.