K45421311 : BIG-IP TMM vulnerability CVE-2020-5925

Security Advisory Description

Undisclosed internally-generated User Datagram Protocol (UDP) traffic may cause the Traffic Management Microkernel (TMM) to restart under some circumstances.(CVE-2020-5925)

A BIG-IP system experiencing this vulnerability may log the following error message to the /var/log/tmm file:

Assertion “sub_agent_id matches.” failed.

Impact

In rare circumstances, it may be possible for unauthenticated remote attackers to manipulate data plane traffic, such as TCP or UDP traffic, through a virtual server in a way that causes TMM to restart. This restart is due to internally generated UDP traffic generated in response to the data plane traffic being mis-handled.