K57774767: Linux kernel vulnerability CVE-2021-45469
Security Advisory Description In f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. CVE-2021-45469 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K61186963: cURL vulnerability CVE-2020-8285
Security Advisory Description curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. CVE-2020-8285 Impact A malicious FTP server can trigger a stack overflow and cause a denial-of-service (DoS) on the F5 product that ...
K71080411: Linux kernel vulnerability CVE-2021-4155
Security Advisory Description A data leak flaw was found in the way the XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. CVE-2021-4155 Impact Ther...
K50242910: Intel CSME vulnerabilities CVE-2020-0533, CVE-2020-0534, CVE-2020-0536, and CVE-2020-0539
Security Advisory Description CVE-2020-0533 Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access. CVE-2020-0534 Improper input...
K19430431: TMM vulnerability CVE-2017-6160
Security Advisory Description A remote attacker may create a maliciously crafted HTTP request to cause the Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. This issue is exposed on virtual servers using a Policy Enforcement profile or a Web Acceleration profile...
K84891934: Oracle Access Manager vulnerability CVE-2018-2739 and CVE-2018-2587
Security Advisory Description CVE-2018-2739 Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated...
K86569155: Apache Gobblin vulnerability CVE-2021-36152
Security Advisory Description Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue. CVE-2021-36152 Impact There is no impact; F5 products are not affected by this...
K46121888: ssldump vulnerability CVE-2018-5519
Security Advisory Description Administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any user when licensed for Appliance Mode), this allows more permissive file access than...
K95117754: TMM vulnerability CVE-2019-6684
Security Advisory Description Under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of...
K51473743: MySQL Server C API vulnerability CVE-2017-3650
Security Advisory Description Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
K74007441: Linux kernel vulnerability CVE-2013-4350
Security Advisory Description The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the...
K21121741: BIG-IP AFM SQL injection vulnerability CVE-2019-6658
Security Advisory Description A vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack. CVE-2019-6658 Impact An attacker may be able to extract table name enumeration and user account names. All other data available through the...
K16712298: libxml2 vulnerability CVE-2016-1834
Security Advisory Description Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory...
K22130301: Telnet vulnerability CVE-2020-10188
Security Advisory Description utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. CVE-2020-10188 Impact There is no impact; F5 products are...
K31022653: Spring Framework vulnerability CVE-2018-1257
Security Advisory Description Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user or...
K12139752: BIG-IP SNMPD vulnerability CVE-2019-6608
Security Advisory Description Under certain conditions, the snmpd process may leak memory on a multi-blade BIG-IP Virtual Clustered Multiprocessing (vCMP) guest when processing authorized SNMP requests. CVE-2019-6608 Impact Over time, the snmpd process consumes excessive memory, forcing the BIG-IP...
K50343028: BIG-IP FastL4 profile vulnerability CVE-2022-23029
Security Advisory Description When a FastL4 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-23029 Impact System performance degradation can occur until the process is either forced to restart or manually restarted. This...
K63427774: Multiple Oracle Java SE vulnerabilities
Security Advisory Description CVE-2016-5542 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries. CVE-2016-5554 Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and...
K31411450: cURL and libcurl vulnerability CVE-2016-8620
Security Advisory Description The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. CVE-2016-8620 Impact An attacker can cause a denial-of-service (DoS) by exploiting a flaw in the cURL tool's glob parser to...
K26899353: libcurl vulnerability CVE-2016-8621
Security Advisory Description The curl_getdate function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short. CVE-2016-8621 Impact Custom monitors or shell scripts using curl to download content with a malformed time stamp may be...
K51392553: libpixman vulnerability CVE-2013-1591
Security Advisory Description Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear functi...
K51740320: BIND vulnerability CVE-2019-6468
Security Advisory Description In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion...
K23203045: BIG-IP Advanced WAF and ASM REST API vulnerability CVE-2021-23014
Security Advisory Description BIG-IP Advanced WAF and ASM are missing authorization checks for file uploads to a specific directory within the REST API, which might allow authenticated users with guest privileges to upload files. CVE-2021-23014 Impact If an attacker has network access to the BIG-...
K10534046: OpenSSL vulnerability CVE-2011-0014
Security Advisory Description ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers a...
K77671456: BIG-IP TMM vulnerability CVE-2018-5510
Security Advisory Description The Traffic Management Microkernel (TMM) may restart when processing a specific sequence of packets on IPv6 virtual servers. CVE-2018-5510 Note: This vulnerability does not affect IPv4 virtual servers. Impact The Traffic Management Microkernel (TMM) generates a core fil...
K16882: OpenLDAP vulnerability CVE-2013-4449
Security Advisory Description The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the...
K15892: Oracle Database Server vulnerabilities CVE-2013-3751, CVE-2013-3774, CVE-2014-4236, CVE-2014-4237, and CVE-2014-4245
Security Advisory Description CVE-2013-3751 Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. CVE-2013-3774 Unspecified...
K17189: Apache HTTP server vulnerability CVE-2008-0456
Security Advisory Description CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP...
K45427159: NTP authentication bypass vulnerability CVE-2016-1551
Security Advisory Description ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, an...
K23822215: glibc calloc vulnerability CVE-2015-5229
Security Advisory Description The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors. CVE-2015-5229 Impact Thi...
K53442005: BIG-IP VE vulnerability CVE-2022-23030
Security Advisory Description When the BIG-IP Virtual Edition (VE) uses the ixlv driver, which is used in SR-IOV mode and requires the Intel X710/XL710/XXV710 family of network adapters on the Hypervisor, and TCP Segmentation Offload configuration is enabled, undisclosed requests may cause an increase in...
K15305: OpenSSL vulnerability CVE-2004-0975
Security Advisory Description The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. CVE-2004-0975 Impact None. F5 products are not affected by this vulnerability...
K31130692: GNU Guile vulnerabilities CVE-2016-8605 and CVE-2016-8606
Security Advisory Description CVE-2016-8605 The mkdir procedure of GNU Guile temporarily changed the process umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode...
K54167061: TMM SSL profile vulnerability CVE-2019-6592
Security Advisory Description TMM may restart and produce a core file when validating SSL certificates in Client SSL or Server SSL profiles. CVE-2019-6592 Impact BIG-IP The Traffic Management Microkernel (TMM) may restart and temporarily fail to process traffic. BIG-IQ, Enterprise Manager, F5...
K35195140: BIG-IQ Access Manager role vulnerability CVE-2017-6152
Security Advisory Description A local BIG-IQ user with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password. CVE-2017-6152 Impact This vulnerability allows increased privileges for user accounts with the Access...
K73189318: Linux kernel vulnerability CVE-2015-7509
Security Advisory Description fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015. CVE-2015-7509 Impact The attacker may be able to cause a...
K000132457: ImageMagick vulnerability CVE-2022-44268
Security Advisory Description ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary file if the magick binary has permissions to read it. CVE-2022-44268 Impact BIG-IP AAM, Edg...
K98008862: OpenLDAP vulnerability CVE-2019-13565
Security Advisory Description An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any...
K10015187: BIG-IP APM client for Windows vulnerability CVE-2018-5547
Security Advisory Description Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the...
K10347453: BIG-IP SIP profile vulnerability CVE-2022-41832
Security Advisory Description When a Session Initiation Protocol (SIP) profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization. CVE-2022-41832 Impact System performance can degrade until the Traffic Management Microkernel (TMM) process is...
SOL34224086 - MySQL vulnerability CVE-2016-5627
Vulnerability Recommended Actions: None. Supplemental Information: SOL9970: Subscribing to email notifications regarding F5 products; SOL9957: Creating a custom RSS feed to view new and updated documents; SOL4602: Overview of the F5 security vulnerability response policy; SOL4918: Overview of the F5...
SOL15417213 - Samba vulnerability CVE-2015-7540
Vulnerability Recommended Actions: None. Supplemental Information: SOL9970: Subscribing to email notifications regarding F5 products; SOL9957: Creating a custom RSS feed to view new and updated documents; SOL4602: Overview of the F5 security vulnerability response policy; SOL4918: Overview of the F5...
SOL40496533 - PHP vulnerability CVE-2016-3132
Vulnerability Recommended Actions: None. Supplemental Information: SOL9970: Subscribing to email notifications regarding F5 products; SOL9957: Creating a custom RSS feed to view new and updated documents; SOL4602: Overview of the F5 security vulnerability response policy; SOL4918: Overview of the F5...
SOL03534020 - PHP vulnerability CVE-2016-5767
Vulnerability Recommended Actions: If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL71489519 - Wireshark vulnerability CVE-2015-4652
Vulnerability Recommended Actions: If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL23432135 - Apache Struts 2 vulnerability CVE-2016-3093
Vulnerability Recommended Actions: If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL51758043 - MySQL vulnerability CVE-2016-0639
Vulnerability Recommended Actions: None. Supplemental Information: SOL9970: Subscribing to email notifications regarding F5 products; SOL9957: Creating a custom RSS feed to view new and updated documents; SOL4602: Overview of the F5 security vulnerability response policy; SOL4918: Overview of the F5...
SOL57492753 - MySQL Optimizer vulnerability CVE-2016-0651
Vulnerability Recommended Actions: None. Supplemental Information: SOL9970: Subscribing to email notifications regarding F5 products; SOL9957: Creating a custom RSS feed to view new and updated documents; SOL4602: Overview of the F5 security vulnerability response policy; SOL4918: Overview of the F5...
SOL23675185 - Apache Qpid vulnerabilities CVE-2016-3094 and CVE-2016-4432
Vulnerability Recommended Actions: None. Supplemental Information: SOL9970: Subscribing to email notifications regarding F5 products; SOL9957: Creating a custom RSS feed to view new and updated documents; SOL4602: Overview of the F5 security vulnerability response policy; SOL4918: Overview of the F5...
SOL63675293 - NTP vulnerability CVE-2016-1548
Vulnerability Recommended Actions: If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...