K52340447 : F5 ePVA vulnerability CVE-2022-28705

2022-05-0400:00:00

my.f5.com

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.6%

JSON

Security Advisory Description

On platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has ePVA acceleration enabled can cause the Traffic Management Microkernel (TMM) process to terminate. (CVE-2022-28705)

Impact

Traffic is disrupted while the Traffic Management Microkernel (TMM) process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only. CGNAT deployments are more likely to be affected. VCMP guests running on embedded Packet Velocity Acceleration (ePVA) platforms provisioned with only 2 CPU cores are not vulnerable.

The following conditions must be met to expose this issue:

The platform must have an ePVA. For further information, refer to: K12837: Overview of the ePVA feature.
The virtual server has a FastL4 profile with ePVA acceleration enabled.
The pva.fwdaccel BigDB variable has been enabled. This variable is not enabled in default configurations.

CPENameOperatorVersion
f5 ssl orchestratoreq14.1.0
f5 ssl orchestratoreq14.1.2
f5 ssl orchestratoreq14.1.4
f5 ssl orchestratoreq15.1.0
f5 ssl orchestratoreq15.1.1
f5 ssl orchestratoreq16.1.0
f5 ssl orchestratoreq16.1.1
f5 ssl orchestratoreq17.0.0
big-ip afmeq11.6.1
big-ip afmeq11.6.2

Name	Operator	Version
f5 ssl orchestrator	eq	14.1.0
f5 ssl orchestrator	eq	14.1.2
f5 ssl orchestrator	eq	14.1.4
f5 ssl orchestrator	eq	15.1.0
f5 ssl orchestrator	eq	15.1.1
f5 ssl orchestrator	eq	16.1.0
f5 ssl orchestrator	eq	16.1.1
f5 ssl orchestrator	eq	17.0.0
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2

Rows per page:

1-10 of 3271