Race Condition

Overview Affected versions of this package are vulnerable to Race Condition due to a race condition in the traffic processing mechanism. An attacker can intercept and read packets that should be encrypted. Remediation Upgrade github.com/cilium/cilium/bpf/lib to version 1.15.16, 1.16.9, 1.17.3 or...

CVE-2024-47506 Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash

A Deadlock vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result i...

CVE-2024-20314

CVE-2024-20314 affects Cisco IOS XE Software with the SD-Access fabric edge node feature. The issue stems from improper handling of certain IPv4 packets, allowing an unauthenticated, remote attacker to induce high CPU utilization and halt traffic processing, causing a DoS on affected devices. Cis...

K18570111: BIG-IP ASM and Advanced WAF WebSocket vulnerability CVE-2021-23010

Security Advisory Description When the BIG-IP ASM/Advanced WAF system processes WebSocket requests with JSON payloads using the default JSON content profile in the ASM security policy, the BIG-IP ASM bd process may produce a core file. CVE-2021-23010 Impact When this vulnerability is exploited, t...

K14693346: TMM vulnerability CVE-2021-22977

Security Advisory Description Cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core file. CVE-2021-22977 Impact When attackers exploit this vulnerability, the Traffic Management Microkernel TMM restarts, and then the BIG-IP system...

K43815022: BIG-IP crypto driver vulnerability CVE-2020-5882

Security Advisory Description Under certain conditions, the Intel QuickAssist Technology QAT cryptography driver may produce a Traffic Management Microkernel TMM core file. CVE-2020-5882 Impact The BIG-IP system temporarily fails to process traffic as it recovers from TMM restarting, and systems...

K61367237: BIG-IP HTTP/3 QUIC vulnerability CVE-2020-5859

Security Advisory Description Specially formatted HTTP/3 messages may cause the Traffic Management Microkernel TMM to produce a core file. CVE-2020-5859 Impact TMM may restart and temporarily fail to process traffic on BIG-IP hosts with the HTTP/3 QUIC profile configured. High availability HA...

K91026261: BIG-IP TMM vulnerability CVE-2019-6594

Security Advisory Description Multipath TCP MPTCP does not protect against multiple zero length DATAFINs in the reassembly queue, which can lead to an infinite loop in some circumstances. CVE-2019-6594 Impact The BIG-IP system temporarily fails to process traffic as it recovers from a Traffic...

K19430431: TMM vulnerability CVE-2017-6160

Security Advisory Description A remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers using a Policy Enforcement profile or a Web Acceleration profile...

K05300051: TMM SCTP vulnerability CVE-2021-23013

Security Advisory Description The Traffic Management Microkernel TMM may stop responding when processing Stream Control Transmission Protocol SCTP traffic under certain conditions. This vulnerability affects TMM by way of a virtual server configured with an SCTP profile. CVE-2021-23013 Impact...

K26464312: TMM SCTP vulnerability CVE-2020-5918

Security Advisory Description The Traffic Management Microkernel TMM may stop responding when processing Stream Control Transmission Protocol SCTP traffic when traffic volume is high. This vulnerability affects TMM by way of a virtual server configured with an SCTP profile. CVE-2020-5918 Impact...

K26455071: BIG-IP HSB vulnerability CVE-2019-6604

Security Advisory Description Under certain conditions, hardware systems with a High-Speed Bridge HSB using non-default Layer 2 forwarding configurations may experience a lockup of the HSB. CVE-2019-6604 This vulnerability occurs when all of the following conditions are met: A VLAN group is...

K47527163: CGNAT/PPTP vulnerability CVE-2019-6611

Security Advisory Description When processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. The TMM may restart and produce a core file as a result of this condition. The BIG-IP system provisioned with the CGNAT module and configured wit...

K38243073: BIG-IP ASM data processing vulnerability CVE-2017-6154

Security Advisory Description The BIG-IP ASM bd process may produce a core file under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores. CVE-2017-6154 Impact The BIG-IP ASMbd process produces a core file, interrupting traffic processing and causing ...

K51574311: BIG-IP APM vulnerability CVE-2020-27716

Security Advisory Description When a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel TMM stops responding and restarts. CVE-2020-27716 Impact Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as...

Race condition

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This vulnerability is due to buffer exhaustion that occurs while traffic on a configured...

The vulnerability in the processing of IPv6 traffic by the Cisco IOS XE operating system allows a attacker to trigger a service failure.

The vulnerability of Cisco IOS XE operating system’s IPv6 traffic processing is related to a logical error in the processing of certain local IPv6 traffic. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the vDaemon software from Cisco IOS XE SD-WAN allows a attacker to trigger buffer overflows.

The vulnerability of the vDaemon software in Cisco IOS XE SD-WAN lies in insufficient boundary checking during traffic processing. Exploiting this vulnerability can allow a remote attacker to trigger buffer overflows...

CVE-2021-31369

CVE-2021-31369 affects Juniper Networks Junos OS on MX Series with MS-MPC/MS-MIC. The issue is an Allocation of Resources Without Limits or Throttling vulnerability that allows an unauthenticated network attacker to cause a partial Denial of Service by generating high-rate traffic. If a Class of ...

Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability

A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit...