CVE-2021-23034

On BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical...

F5 BIG-IP compression driver denial of service vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP compression driver denial of service vulnerability, on platforms using Intel QuickAssist Technology QAT compression...

CVE-2021-23007

On BIG-IP versions 14.1.4 and 16.0.1.1, when the Traffic Management Microkernel TMM process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. Note: Software versions which have reached End of Software Development EoSD are not evaluated...

CVE-2021-23003

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, the Traffic Management Microkernel TMM process may produce a core file when undisclosed MPTCP traffic passes through a standard...

Code injection

On BIG-IP versions 14.1.4 and 16.0.1.1, when the Traffic Management Microkernel TMM process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. Note: Software versions which have reached End of Software Development EoSD are not evaluated...

Code injection

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, the Traffic Management Microkernel TMM process may produce a core file when undisclosed MPTCP traffic passes through a standard...

CVE-2021-23007

On BIG-IP versions 14.1.4 and 16.0.1.1, when the Traffic Management Microkernel TMM process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. Note: Software versions which have reached End of Software Development EoSD are not evaluated...

CVE-2021-23007

CVE-2021-23007 affects BIG-IP’s Traffic Management Microkernel (TMM) on versions 14.1.4 and 16.0.1.1. When the TMM process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic, potentially impacting connectivity. End-of-software-development (EoSD) versions are not ...

CVE-2021-23003

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, the Traffic Management Microkernel TMM process may produce a core file when undisclosed MPTCP traffic passes through a standard...

CVE-2021-23003

CVE-2021-23003 affects BIG-IP Traffic Management Microkernel (TMM) across multiple releases. The TMM may produce a core file when undisclosed MPTCP traffic passes through a standard virtual server. Vulnerable versions include BIG-IP 16.0.0–16.0.1, 15.1.x up to 15.1.1, 14.1.x up to 14.1.3.1, 13.1....

F5 Networks BIG-IP : BIG-IP MPTCP vulnerability (K43470422)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.5.3 / 13.1.3.6 / 14.1.3.1 / 15.1.2 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K43470422 advisory. - On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before...

CVE-2020-27723

CVE-2020-27723 affects BIG-IP APM: a PingAccess request on a BIG-IP APM virtual server may trigger a restart of the Traffic Management Microkernel (TMM), disrupting traffic processing and causing a failover in HA. Affected versions include 14.1.0–14.1.3 and 13.1.0–13.1.3.4. Remediation per F5 adv...

CVE-2020-27723

In versions 14.1.0-14.1.3 and 13.1.0-13.1.3.4, a BIG-IP APM virtual server processing PingAccess requests may lead to a restart of the Traffic Management Microkernel TMM process...

CVE-2020-5936

On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel TMM process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile...

F5 Networks BIG-IP : BIG-IP Client SSL Security Advisory (K44020030)

The Traffic Management Microkernel TMM process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile. Impact TMM memory may eventually become exhausted and may result in the system producing a core file. The BIG-IP system may...

F5 Networks BIG-IP : BIG-IP APM virtual server vulnerability (K46901953)

In certain circumstances, an attacker sending specifically crafted requests to aBIG-IP APM virtual server may cause a disruption of service provided by the Traffic Management MicrokernelTMM. CVE-2020-5874 Impact An attacker may be able to perform a denial-of-service DoS attack on a BIG-IP system ...

Design/Logic Flaw

On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors...

CVE-2020-5861

On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors...

CVE-2020-5861

The CVE-2020-5861 issue affects BIG-IP 12.1.0–12.1.5 where the TMM process may produce a core file due to Ram Cache misoptimizing stored data, causing memory errors and temporary traffic processing failures during TMM restart. The primary affected component is the Ram Cache feature within the Web...

CVE-2019-6678

On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, the TMM process may restart when the packet filter feature is enabled...