K35408374 : BIG-IP compression driver vulnerability CVE-2021-23044

Security Advisory Description

When the Intel QuickAssist Technology (QAT) compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition (VE) platforms, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. (CVE-2021-23044)

Impact

Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

This vulnerability applies to the following platforms:

• i4000, i4600, i4800, YK i4000
• i5000, i5600, i5800, HRC-i5000, HRC-i5800, i5820-DF
• i7000, i7600, i7800, i7000-D, i7820-DF
• i10000, i10600, i10800, i10000-D, HRC-i10800
• i11000, i11600, i11800, i11000-DS, i11000-D
• i15000, i15600, i15800, i15000-N
• VIPRION B4400N blade
• BIG-IP Virtual Edition (VE)

Note: BIG-IP VE cryptographic and compression offload is a licensed feature available only on the KVM hypervisor. If you have licensed this feature (a BIG-IP VE using the affected Intel QAT hardware [Lewisburg and Lewis Hill QAT devices] with an affected Intel QAT SR-IOV VF driver included in the BIG-IP VE version) then the Intel QAT PF (Lewisburg and Lewis Hill QAT devices) driver installed on the host is vulnerable. Under this very explicit KVM scenario, a BIG-IP VE is vulnerable.