K92002212 : TMM vulnerability CVE-2019-6676

Security Advisory Description

Traffic Management Microkernel (TMM) may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger. (CVE-2019-6676)

Impact

Some virtio backend implementations send large packets (2 KB or larger) even when Large Offload Receive (LRO) is disabled. If the backend uses direct descriptors, this combination might cause Traffic Management Microkernel (TMM) to generate a core file and restart. The standard KVM implementation of virtio does not have this behavior.

This issue affects only BIG-IP VE systems. BIG-IP hardware platforms do not use the virtio subsystem.