K34511555 : BIG-IP and BIG-IQ AWS vulnerability CVE-2022-34844

Security Advisory Description

When the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker’s control. (CVE-2022-34844)

Impact

Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP and BIG-IQ systems. There is no control plane exposure; this is a data plane issue only. This issue does not affect any other hardware, virtual platforms, or cloud providers, as the affected driver is specific to AWS.