K000139084: DNS vulnerability CVE-2023-50868

Security Advisory Description The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of service CPU consumption for SHA-1 computations via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. T...

K000139064: Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360

Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall WAF module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via an...

K000139044: Apache httpd vulnerabilities CVE-2011-1176, CVE-2011-2688, CVE-2013-0942, CVE-2013-2765, and CVE-2013-4365

Security Advisory Description CVE-2011-1176 The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which...

K000139043: Apache Struts vulnerabilities CVE-2016-4430, CVE-2016-4431, and CVE-2016-4433

Security Advisory Description CVE-2016-4430 Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery CSRF attacks via unspecified vectors. CVE-2016-4431 Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers ...

K000139026: NTP vulnerability CVE-2009-3563

Security Advisory Description ntprequest.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service CPU and bandwidth consumption by using MODEPRIVATE to send a spoofed 1 request or 2 response packet that triggers a continuous exchange of MODEPRIVATE error...

K000138990: BIND vulnerability CVE-2023-4408

Security Advisory Description The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting thi...

K000138991: BIND vulnerability CVE-2023-6516

Security Advisory Description To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is...

K000138989: BIND vulnerability CVE-2023-5517

Security Advisory Description A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. Th...

K000138977: ncurses vulnerability CVE-2022-29458

Security Advisory Description ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convertstrings in tinfo/readentry.c in the terminfo library. CVE-2022-29458 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Stat...

K000138966: Intel Xeon CPU vulnerability CVE-2023-23908

Security Advisory Description Improper access control in some 3rd Generation IntelR XeonR Scalable processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2023-23908 Impact This vulnerability may allow a privileged user to enable information...

K000138957: Libxml2 vulnerability CVE-2023-39615

Security Advisory Description Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted XML file. NOTE: the vendor's position is that...

K000138953: Python vulnerability CVE-2023-41105

Security Advisory Description An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath, the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for...

K000138931: Intel CPU vulnerability CVE-2023-32666

Security Advisory Description On-chip debug and test interface with improper access control in some 4th Generation IntelR XeonR Processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-32666 Impact There is...

K000138895: BIND vulnerability CVE-2023-5679

Security Advisory Description A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through...

K000138866: Python Pillow vulnerability CVE-2023-50447

Security Advisory Description Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter. CVE-2023-50447 Impact There is no impact; F5 products are not affected by...

K000138851: OpenJDK vulnerabilities CVE-2024-20921, CVE-2024-20926, and CVE-2024-20932

Security Advisory Description CVE-2024-20921 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle...

K000138850: OpenJDK vulnerabilities CVE-2024-20918, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952, and CVE-2024-20955

Security Advisory Description CVE-2024-20918 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle...

K000138827: OpenSSH vulnerability CVE-2023-51385

Security Advisory Description In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell...

K000138825: OpenSSH vulnerability CVE-2023-51384

Security Advisory Description In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token...

K000138814: OpenLDAP vulnerability CVE-2023-2953

Security Advisory Description A vulnerability was found in openldap. This security flaw causes a null pointer dereference in bermemallocx function. CVE-2023-2953. Impact This vulnerability may result in low system memory leading to failure in LDAP authentication. Security Advisory Status F5 Produ...

K000138726: Linux kernel vulnerability CVE-2023-3611

Security Advisory Description An out-of-bounds write vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. The qfqchangeagg function in net/sched/schqfq.c allows an out-of-bounds write because lmax is updated according to packet...

K000138731: Linux vulnerability CVE-2023-3776

Security Advisory Description A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in...

K000138682: libssh vulnerability CVE-2023-2283

Security Advisory Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The...

K000138704: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2024-20964 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with...

K000138695: OpenSSL vulnerability CVE-2024-0727

Security Advisory Description Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12...

K000138693: Linux kernel vulnerabilities CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208

Security Advisory Description CVE-2023-4206 A use-after-free vulnerability in the Linux kernel's net/sched: clsroute component can be exploited to achieve local privilege escalation. When route4change is called on an existing filter, the whole tcfresult struct is always copied into the new instan...

K000138679: Golang vulnerabilities CVE-2023-24540, CVE-2023-29400, and CVE-2023-29403

Security Advisory Description CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly...

K000138650: cURL vulnerability CVE-2023-46218

Security Advisory Description This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It...

K000138649: GnuTLS vulnerabilities CVE-2023-5981 and CVE-2024-0553

Security Advisory Description CVE-2023-5981 A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. CVE-2024-0553 A vulnerability was found in GnuTLS. The response times to...

K000138668: OpenSSL vulnerability CVE-2023-6237

Security Advisory Description Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained fro...

K000138651: c-ares vulnerability CVE-2022-4904

Security Advisory Description A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrit...

K000138643: OpenSSH vulnerability CVE-2023-51767

Security Advisory Description OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mmanswerauthpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat...

K000138641: cURL vulnerability CVE-2023-46219

Security Advisory Description When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. CVE-2023-46219 Impact An attacker with a network position that allows the...

K000138640: Perl vulnerability CVE-2023-47038

Security Advisory Description A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. CVE-2023-47038 Impact This vulnerability could allow a local...

K000138629: Python vulnerability CVE-2022-48560

Security Advisory Description A use-after-free exists in Python through 3.9 via heappushpop in heapq. CVE-2022-48560 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for...

K000138628: python-pip vulnerabilities CVE-2021-3572 and CVE-2023-5752

Security Advisory Description CVE-2021-3572 A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity...

K000138618: BIND vulnerability CVE-2023-5680

Security Advisory Description If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1...

K000138353: Quarterly Security Notification (February 2024)

Security Advisory Description On February 14, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associat...

K91054692: BIG-IP Appliance mode iAppsLX vulnerability CVE-2024-23976

Security Advisory Description When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. CVE-2024-23976 Impact An authenticated attacker with local system access and th...

K000137521: BIG-IP AFM vulnerability CVE-2024-21763

Security Advisory Description When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-21763 Impact Traffic is disrupted while the TMM process restarts...

K000137334: F5 Application Visibility and Reporting module and BIG-IP Advanced WAF/ASM vulnerability CVE-2024-23805

Security Advisory Description Undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and th...

K000137270: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2024-21789

Security Advisory Description When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2024-21789 Impact System performance can degrade until the bd process is either forced to restart or is...

K000137333: BIG-IP TMM vulnerability CVE-2024-24775

Security Advisory Description When a virtual server is enabled with VLAN group and SNAT listener is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-24775 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a...

K000135946: BIG-IP PEM vulnerability CVE-2024-23982

Security Advisory Description When a BIG-IP PEM classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. This issue affects classification engines using signatures released between 09-08-2022 and 02-16-2023...

K000137886: BIG-IP Next CNF vulnerability CVE-2024-23306

Security Advisory Description A vulnerability exists in BIG-IP Next CNF systems that may allow access to undisclosed sensitive files. CVE-2024-23306 Impact An authenticated attacker may be able to modify or remove undisclosed configuration files causing a loss of confidentiality and integrity. Th...

K98606833: BIG-IP and BIG-IQ scp vulnerability CVE-2024-21782

Security Advisory Description BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy scp utility but do not have access to Advanced Shell bash can execute arbitrary commands with a specially crafted command string. This vulnerability is due to an...

K11453402: BIG-IP Cookie encryption security exposure

Security Advisory Description When HTTP Profile Cookie encryption is enabled, duplicate HTTP cookies may be passed on to back-end servers. This issue occurs when the following condition is met: The virtual server has an HTTP Profile with Cookie Encryption enabled. Impact The back-end pool member...

K000137675: BIG-IP HTTP/2 vulnerability CVE-2024-23314

Security Advisory Description When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-23314 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote...

K000137796: BIG-IP SSL profile security exposure

Security Advisory Description The BIG-IP system may not honor the revocation status of a certificate present in the certificate revocation list CRL file, potentially allowing unauthorized connections. This issue occurs when all of the following conditions are met: A ClientSSL or ServerSSL profile...

K000138445: NGINX HTTP/3 QUIC vulnerability CVE-2024-24990

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. CVE-2024-24990 Note : The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information,...