K73657294 : BIG-IP APM VDI plugin vulnerability CVE-2020-27722

Security Advisory Description

Under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption. (CVE-2020-27722)

Impact

This affects only a BIG-IP APM virtual server configured with a Virtual Desktop Infrastructure (VDI) profile. Your BIG-IP system affected by this vulnerability may consume excessive resources when processing VDI traffic, resulting in Traffic Management Microkernel (TMM) restarting and generating a core file in some cases and leading to disruption in traffic processing.