Memory corruption

The Traffic Management Microkernel TMM in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers ma...

F5 BIG-IP TCP Packet Denial of Service Vulnerability

The F5 BIG-IP is a load balancer that uses a variety of distribution algorithms to distribute network requests to available servers in a server cluster, enabling network visitors to have the best possible networking experience by managing incoming Web data traffic and increasing effective network...

CVE-2017-6137

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disrupti...

Design/Logic Flaw

The Traffic Management Microkernel TMM in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service DoS through unspecified vectors...

CVE-2016-9252

The Traffic Management Microkernel TMM in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service DoS through unspecified vectors...

CVE-2016-9252

The Traffic Management Microkernel TMM in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service DoS through unspecified vectors...

CVE-2016-9249

An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel TMM to restart, resulting in a Denial-of-Service DoS...

CVE-2016-9249

CVE-2016-9249 affects F5 BIG-IP TMM when TCP Fast Open is enabled. An undisclosed traffic pattern can cause TMM to restart on BIG-IP Virtual Servers, leading to a DoS. Vendor advisory K71282001 lists vulnerable BIG-IP versions (e.g., BIG-IP LTM 12.0.0–12.1.1, AAM 12.0.0–12.1.1, AFM 12.0.0–12.1.1,...

CVE-2016-9247

Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel TMM to restart...

CVE-2016-5024

Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service Traffic Management Microkernel restart via crafted network traffic...

F5 Networks BIG-IP : BIG-IP FastL4 profile vulnerability (K36300805)

Under certain conditions for BIG-IP systems using FastL4 profiles, when the Reassemble IP Fragments option is disabled default, a specific sequence of fragmented packets may restart the Traffic Management Microkernel TMM. C Tenable Network Security, Inc. The descriptive text and package checks in...

F5 Networks BIG-IP : TMM vulnerability (K87416818)

The Traffic Management Microkernel TMM may suffer from a memory leak while handling certain types of TCP traffic. CVE-2016-7476 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution K87416818. The text description o...

CVE-2016-5023

Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service Traffic Management Microkernel restart via crafted network...

CVE-2016-4545

Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service resource consumption and Traffic Management Microkernel restart via an SSL alert during the handshake...

Design/Logic Flaw

Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service resource consumption and Traffic Management Microkernel restart via an SSL alert during the handshake...

CVE-2016-4545

Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service resource consumption and Traffic Management Microkernel restart via an SSL alert during the handshake...

Design/Logic Flaw

The Traffic Management Microkernel TMM in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers...

CVE-2015-4638

The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a...

Design/Logic Flaw

The Traffic Management Microkernel TMM in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through...