SOL15908 - Linux kernel mac80211 vulnerability CVE-2014-8709
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15792 - Path MTU discovery vulnerability CVE-2004-1060
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL15748 - BIND vulnerability CVE-2010-0290
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custo...
SOL15512 - LZO decompressor vulnerability CVE-2014-4608
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15304 - Linux kernel tcp_rcv_state_process vulnerability CVE-2012-6638
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. F5 recommends that...
SOL14601 - BIND vulnerability CVE-2012-5689
Vulnerability Recommended Actions If using DNS64 and RPZs together, you can mitigate this vulnerability by verifying that the RPZ contains an AAAA rewrite rule for every A rewrite rule in the zone. If the RPZ provides an AAAA answer without the assistance of DNS64, the vulnerability is not...
SOL13993 - Cross-site URL redirection attack vulnerability CVE-2009-4017
Vulnerability Recommended Actions Upgrade FirePass to the latest hotfix. Acknowledgements F5 would like to acknowledge Aung Khant of YGN Ethical Hacker Group, Myanmar for bringing this issue to our attention, and for following the highest standards of responsible disclosure. Supplemental...
SOL10905 - NTP vulnerability - CVE-2009-3563
F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of NTP. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. These products are only vulnerable if NTP was manually configured and enabled...
SOL10143 - Cross-Site Scripting Vulnerabilities in the FirePass logon
Cross-site scripting (XSS) vulnerabilities exist in the FirePass logon page, which is accessible prior to authentication. The affected FirePass page fails to fully sanitize HTTP request input before the web page content is sent to the browser. By altering the HTTP request input in the cookie, a...
SOL2617 - Reverse name resolution vulnerability in SSH - CVE-2003-0386
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...
K000148809: Qt vulnerabilities CVE-2023-38197 and CVE-2023-37369
Security Advisory Description CVE-2023-38197 An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. CVE-2023-37369 In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2,...
K000140029: libcurl vulnerability CVE-2024-2398
Security Advisory Description When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously...
K000139898: PyYAML vulnerabilities CVE-2020-1747 and CVE-2020-14343
Security Advisory Description CVE-2020-1747 A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use th...
K000138679: Golang vulnerabilities CVE-2023-24540, CVE-2023-29400, and CVE-2023-29403
Security Advisory Description CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly...
K000137864: Squid vulnerabilities CVE-2023-46846, CVE-2023-46847, CVE-2023-46848
Security Advisory Description CVE-2023-46846 SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. CVE-2023-46847 Squid is vulnerable to a Denial of Service,...
K000137325: Apache httpd vulnerability CVE-2023-43622
Security Advisory Description An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack...
K14919: Socat vulnerabilities CVE-2010-2799, CVE-2012-0219, and CVE-2013-3571
Security Advisory Description CVE-2010-2799 Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line...
K57110035: BIG-IP APM Edge Client for Windows logging vulnerability CVE-2022-27636
Security Advisory Description BIG-IP Edge Client may log sensitive APM session-related information when VPN is launched on a Windows system. CVE-2022-27636 Impact An attacker with privileges on the Windows system can view the logged sensitive APM session-related information. Security Advisory...
K02825271: Linux kernel vulnerability CVE-2017-13166
Security Advisory Description An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. CVE-2017-13166 Impact This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace...
K14338030: libxml2 vulnerability CVE-2016-1762
Security Advisory Description The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. CVE-2016-1762 Impact Allows an attacker unauthorized disclosure of information, unauthorized modification, an...
K28273449: Linux kernel vulnerability CVE-2018-6555
Security Advisory Description The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an...
K44104514: Apache Storm vulnerability CVE-2021-40865
Security Advisory Description An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to...
K17127: PHP vulnerability CVE-2014-9709
Security Advisory Description The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the...
K58928452: Kernel vulnerability CVE-2017-1000410
Security Advisory Description The Linux kernel version 3.3-rc1 and later is affected by a vulnerability that lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker i...
K32412503: Trusted Platform Module vulnerabilities CVE-2019-11090 and CVE-2019-16863
Security Advisory Description CVE-2019-11090 Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPSE504.01.04.305.0, SPSSoC-X04.00.04.108.0,...
K13213418: BIG-IP monitor configuration vulnerability CVE-2022-35735
Security Advisory Description An authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor objects in the Configuration utility in an undisclosed manner, leading to a privilege escalation. CVE-2022-35735 Impact This vulnerability may allow an...
K87920510: BIG-IP mcpd vulnerability CVE-2019-6647
Security Advisory Description When processing authentication attempts for control-plane users, mcpd leaks a small amount of memory. Under rare conditions, attackers with access to the management interface can eventually deplete memory on the system. CVE-2019-6647 Impact Repeated failed...
K11410303: cURL vulnerability CVE-2017-2629
Security Advisory Description curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when...
K73071205: PHP vulnerability CVE-2016-5385
Security Advisory Description PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an...
K35358312: TCP vulnerability CVE-2015-8099
Security Advisory Description Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies a...
K15512: LZO decompressor vulnerability CVE-2014-4608
Security Advisory Description DISPUTED Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal...
K15935: NTP vulnerability CVE-2014-9294
Security Advisory Description util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. CVE-2014-9294 Impact Theoretically, a remote attacker can determine a weak...
K17270: OpenSSH vulnerability CVE-2015-6565
Security Advisory Description sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence...
K60570139: Rowhammer hardware vulnerability CVE-2020-10255
Security Advisory Description Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain...
K81903701: Libpng vulnerability CVE-2015-8472
Security Advisory Description Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have...
K30215094: Ruby vulnerability CVE-2016-7798
Security Advisory Description The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 Impact There is no impact; F5...
K52401347: Linux kernel vulnerability CVE-2021-28972
Security Advisory Description In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly...
K13815051: Apache vulnerability CVE-2021-30641
Security Advisory Description Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' CVE-2021-30641 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently...
K15650046: Tcl code injection security exposure
Security Advisory Description Certain coding practices may allow an attacker to inject arbitrary Tool Command Language (Tcl) commands, which can be executed in the security context of the target Tcl script by the running Tcl interpreter. Note: This issue affects any user-supplied Tcl code executed ...
K82034427: BIG-IP FTP profile vulnerability CVE-2022-26130
Security Advisory Description When an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing active FTP data channel connections. CVE-2022-26130 Impact Traffic is disrupted for active FTP data channel connections. Thi...
K85633044: Linux kernel vulnerability CVE-2019-3459
Security Advisory Description A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. CVE-2019-3459 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated t...
K87046687: VMware Tools vulnerability CVE-2022-31676
Security Advisory Description VMware Tools 12.0.0, 11.x.y and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. CVE-2022-31676 Impact A local,...
K36302720: Apache Tomcat vulnerability CVE-2016-6797
Security Advisory Description The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web...
K17518: NTP vulnerability CVE-2015-7871
Security Advisory Description Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication. CVE-2015-7871 Impact An unauthenticated remote attacker may force ntpd processes on targeted servers to peer with time sources of the...
K10396196: Linux RPM vulnerability CVE-2021-20271
Security Advisory Description A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute...
K73464925: Multiple Java vulnerabilities CVE-2021-35588, CVE-2021-35603, CVE-2021-35565, CVE-2021-35578
Security Advisory Description CVE-2021-35588 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit...
K37256400: Linux kernel vulnerability CVE-2021-4028
Security Advisory Description A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local...
K32805465: Linux kernel Vulnerability CVE-2021-3483
Security Advisory Description A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality,...
K03521623: Linux kernel vulnerability CVE-2017-7541
Security Advisory Description The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAM...
K49905324: BIG-IP TMUI CSRF vulnerability CVE-2022-1389
Security Advisory Description A cross-site request forgery (CSRF) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This vulnerability allows an attacker to run a limited set of commands: ping, traceroute, and WOM diagnostics. CVE-2022-1389 Impact An attacker may...