6398 matches found
SOL16838 - XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2015-1470
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL95375529 - PHP vulnerabilities CVE-2013-7456, CVE-2016-4343, and CVE-2016-5093
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL48572812 - Cross Site Scripting (XSS) vulnerability in F5 WebSafe Dashboard CVE-2016-5235
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL00032124 - BIG-IP last hop kernel module vulnerability CVE-2015-5516
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL53146535 - Multiple Sun Java vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL17462 - Linux kernel vulnerability CVE-2015-2830
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17307 - Linux kernel vulnerability CVE-2015-5364
The 1 udprecvmsg and 2 udpv6recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service system hang via incorrect checksums within a UDP packet flood. CVE-2015-5364...
SOL16728 - iCall privilege escalation vulnerability CVE-2015-3628
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16392 - NTP vulnerability CVE-2014-9750
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16353 - Multiple JavaSE server-side vulnerabilities CVE-2015-0383, CVE-2015-0410, and CVE-2014-6593
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SOL14739 - OpenSSH vulnerability CVE-2008-3234
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL10441 - Microsoft Active Template Library (ATL) vulnerabilities VU#456745
Information about this advisory is available at the following locations: F5 Product Development tracked this issue as ID 296507 formerly CR125945 for FirePass, and it was fixed in FirePass 6.1.0. For information about upgrading, refer to the FirePass release notes. Obtaining and installing patche...
SOL9642 - Samba vulnerability CVE-2008-1105
Specifically crafted SMB responses can result in a heap overflow in the Samba client code. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
K92930514: GO vulnerability CVE-2016-5386
Security Advisory Description The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote...
K53854428: iControl SOAP vulnerability CVE-2021-23026
Security Advisory Description BIG-IP and BIG-IQ are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. CVE-2021-23026 Impact An attacker may trick authenticated users into performing critical actions. This vulnerability can only be exploited through the control plane and...
K11546763: Linux kernel vulnerability CVE-2021-3653
Security Advisory Description A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this...
K55545288: Linux kernel vulnerability CVE-2019-19046
Security Advisory Description DISPUTED A memory leak in the ipmibmcregister function in drivers/char/ipmi/ipmimsghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering idasimpleget failure, aka CID-4aa7afb0ee20. NOTE: third...
K15912: Linux kernel driver vulnerabilities CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, and CVE-2014-3646
Security Advisory Description CVE-2014-3185 Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of...
K14201: BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244
Security Advisory Description A vulnerability exists in the BIND DNS server process that may allow a remote attacker to initiate a denial-of-service DoS attack against the DNS service. Impact DNS services may be unavailable and cause a failure in DNS resolution. Security Advisory Status F5 Produc...
K17543: Linux kernel vulnerability CVE-2014-9420
Security Advisory Description The rockcontinue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service infinite loop, and system crash or hang via a crafted iso9660 image...
K16352: Multiple OpenJDK vulnerabilities
Security Advisory Description CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. CVE-2014-6601...
K68120526: Linux kernel vulnerability CVE-2022-0742
Security Advisory Description Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc. CVE-2022-0742 Impact Ther...
K17461: OpenSSH vulnerability CVE-2015-5352
Security Advisory Description The x11openhelper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection...
K10754336: MySQL vulnerabilities CVE-2019-2808, CVE-2019-2810, CVE-2019-2811, CVE-2019-2812, and CVE-2019-2814
Security Advisory Description CVE-2019-2808 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
K70992015: Linux kernel vulnerabilty CVE-2021-33200
Security Advisory Description kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. I...
K62532228: Linux kernel CVE-2020-10769
Security Advisory Description A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, i...
K56715231: TMM buffer-overflow vulnerability CVE-2021-22991
Security Advisory Description Undisclosed requests to a virtual server may be incorrectly handled by Traffic Management Microkernel TMM URI normalization, which may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it theoretically may allow bypass of URL based access...
K28241423: Linux kernel vulnerability CVE-2018-18559
Security Advisory Description In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The...
K26618426: Linux SACK Slowness vulnerability CVE-2019-11478
Security Advisory Description Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment SACK sequences. A remote attacker could use this to cause a denial of service. This h...
K80173446: Multiple Ruby vulnerabilities
Security Advisory Description CVE-2017-17742 Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick...
K85633044: Linux kernel vulnerability CVE-2019-3459
Security Advisory Description A heap address information leak while using L2CAPGETCONFOPT was discovered in the Linux kernel before 5.1-rc1. CVE-2019-3459 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated t...
K16122: Linux kernel vulnerability CVE-2014-9322
Security Advisory Description arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address...
K25835344: Linux kernel vulnerability CVE-2018-8781
Security Advisory Description The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physic...
K44923228: Oracle Java SE vulnerability CVE-2018-2783
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows...
K32615023: Linux kernel vulnerability CVE-2022-2588
Security Advisory Description It was discovered that the clsroute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. CVE-2022-2588 Impact This flaw allows a local user to cause a denial-of-service DoS on the...
K46514822: Linux TCP stack vulnerability CVE-2016-5696
Security Advisory Description net/ipv4/tcpinput.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack. CVE-2016-5696 Impact Attackers may be able to...
K28135205: Linux kernel vulnerability CVE-2019-19057
Security Advisory Description Two memory leaks in the mwifiexpcieinitevtring function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by triggering mwifiexmappcimemory failures, aka CID-d10dcb615c8e...
K59513013: Linux kernel vulnerability CVE-2019-14821
Security Advisory Description An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvmcoalescedmmio' object, wherein write indices...
K58022757: Linux kernel vulnerability CVE-2020-11668
Security Advisory Description In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770. CVE-2020-11668 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K32071141: Apache mod_http2 vulnerability CVE-2016-8740
Security Advisory Description The modhttp2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service memory consumption via crafted CONTINUATION...
K79502122: Zend Framework vulnerability CVE-2016-10034
Security Advisory Description The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary...
K81258141: QEMU 4.2.0 buffer overflow vulnerability CVE-2020-8608
Security Advisory Description In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code. CVE-2020-8608 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Developmen...
K15663: MD2 Message-Digest Algorithm vulnerability CVE-2009-2409
Security Advisory Description The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2...
K16716: Multiple Mozilla NSS vulnerabilities
Security Advisory Description CVE-2013-1740 The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate...
K75152412: OpenSSL vulnerability CVE-2016-2108
Security Advisory Description The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service buffer underflow and memory corruption via an ANY field in crafted serialized data, aka the "negative zero" issue...
SOL21042398 - PHP vulnerability CVE-2016-5769
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL55672042 - Linux kernel vulnerability CVE-2016-4470
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL51518670 - Linux kernel vulnerability CVE-2015-2922
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL07560020 - Linux kernel vulnerabilities CVE-2015-7884, CVE-2015-7885, CVE-2015-8543, CVE-2015-8569, and CVE-2015-8660
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL16983 - PCRE library vulnerability CVE-2015-2325
Although the BIG-IP/BIG-IQ/Enterprise Manager software contains the vulnerable code, BIG-IP/BIG-IQ/Enterprise Manager does not use the vulnerable code in a way that exposes the vulnerability. An attacker must have local access to BIG-IP/BIG-IQ/Enterprise Manager to trigger an exploit, which the...