K000137790: Linux kernel vulnerability CVE-2023-3609
Security Advisory Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev fails, u32_set_parms will immediately return an error after incrementing or decrementing the reference counter in...
K000137791: Linux kernel vulnerability CVE-2023-35788
Security Advisory Description An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation...
K000137761: Apache ActiveMQ vulnerability CVE-2023-46604
Security Advisory Description The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in...
K000137734: MariaDB/MySQL vulnerability CVE-2023-22084
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
K000137702: Apache vulnerability CVE-2022-25147
Security Advisory Description Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. CVE-2022-25147...
K000137672: Intel In-Band Manageability software vulnerability CVE-2022-41689
Security Advisory Description Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2022-41689 Impact There is no impact; F5 products are not affected by this...
K000137612: Oracle Java SE vulnerability CVE-2023-22025
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle...
K000137584: Linux kernel vulnerability CVE-2023-1829
Security Advisory Description A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the...
K000137582: BIND vulnerability CVE-2023-3341
Security Advisory Description The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run...
K000137368: Overview of F5 vulnerabilities (October 26, 2023)
Security Advisory Description On October 26, 2023, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...
K000137365: BIG-IP Configuration utility authenticated SQL injection vulnerability CVE-2023-46748
Security Advisory Description An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility. CVE-2023-46748 Impact This vulnerability may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP...
K000137322: BIG-IP iRule or LTM policy may generate multiple HTTP redirect responses
Security Advisory Description A specifically crafted HTTP request may lead the BIG-IP system to generate multiple HTTP redirect responses. This issue occurs when all of the following conditions are met: A virtual server has one or more of the following configurations: An iRule with an...
K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747
Security Advisory Description Undisclosed requests may bypass Configuration utility authentication. CVE-2023-46747 Impact This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary...
K000137315: ZebOS BGP vulnerability CVE-2023-45886
Security Advisory Description The BGP daemon (bgpd) in ZebOS through 7.10.6 allows remote attackers to cause a denial-of-service (DoS) by sending crafted BGP update messages containing a malformed attribute. CVE-2023-45886 Impact This vulnerability may allow a remote unauthenticated attacker to cause...
K000137330: Node.JS vulnerabilities CVE-2023-38552, CVE-2023-39331, CVE-2023-39332, and CVE-2023-3933
Security Advisory Description CVE-2023-38552 When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check...
K000137327: Apache mod_http2 vulnerability CVE-2023-45802
Security Advisory Description When a HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the...
K000137326: Apache mod_macro vulnerability CVE-2023-31122
Security Advisory Description Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development ha...
K000137325: Apache httpd vulnerability CVE-2023-43622
Security Advisory Description An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack...
K000137257: cURL vulnerabilities CVE-2023-38545
Security Advisory Description This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can b...
K000137229: BIND vulnerability CVE-2022-38178
Security Advisory Description By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. CVE-2022-38178 Impact DNS...
K000137204: Intel BIOS vulnerability CVE-2022-43505
Security Advisory Description Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. CVE-2022-43505 Impact This vulnerability may allow a privileged user to potentially enable...
K000137201: Intel BIOS vulnerability CVE-2022-37343
Security Advisory Description Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-37343 Impact This vulnerability may allow a privileged user to potentially enable escalation o...
K000137211: cURL vulnerabilities CVE-2023-38546
Security Advisory Description This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single...
K000137202: Intel BIOS vulnerability CVE-2022-38083
Security Advisory Description Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access CVE-2022-38083. Impact There is no impact; F5 products are not affected by this vulnerability. F5...
K000137053: Overview of F5 vulnerabilities (October 2023)
Security Advisory Description Note: F5 is committed to responding quickly to potential vulnerabilities in F5 products. As with all publicly known vulnerabilities, F5 is committed to publishing a response as soon as the vulnerability has been thoroughly investigated. In this case, an external...
K000137106: HTTP/2 vulnerability CVE-2023-44487
Security Advisory Description The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 (also known as HTTP/2 Rapid Reset Attack) Impact BIG-IP and...
K000135040: BIG-IP Edge Client for macOS vulnerability CVE-2023-5450
Security Advisory Description An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. CVE-2023-5450 Impact An authenticated attacker with local access on the target macOS...
K000135944: Attack signature check security exposure
Security Advisory Description BIG-IP Advanced WAF, BIG-IP ASM, and NGINX App Protect systems incorrectly handle certain requests. This issue occurs when the following condition is met: BIG-IP Advanced WAF, BIG-IP ASM, and NGINX App Protect handle a crafted request with the parameter value. Impact...
K21800102: HTTP RFC enforcement is bypassed when a redirect iRule is applied to the virtual server
Security Advisory Description A specifically crafted HTTP request may bypass BIG-IP HTTP RFC enforcement and may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server. This issue occurs when all of the following conditions are met: A virtual server with an iRul...
K000133467: BIG-IP HTTP/2 vulnerability CVE-2023-40534
Security Advisory Description Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with t...
K26910459: BIG-IP iControl REST vulnerability CVE-2023-42768
Security Advisory Description When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST, the BIG-IP non-admin user can still access the iContro...
K75431121: BIG-IP APM OAuth Bearer with SSO does not process HTTP headers as expected
Security Advisory Description BIG-IP APM OAuth Bearer Single Sign-On (SSO) may forward HTTP headers as-is without the expected processing when all of the following conditions are met: Bearer SSO configured API Protection profile in use OAuth token failure occurs Impact HTTP headers are forwarded...
K29141800: Multi-blade VIPRION Configuration utility session cookie vulnerability CVE-2023-40537
Security Advisory Description An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. CVE-2023-40537 Impact A remote unauthenticated attacker may be able to reuse, for a limited time, an...
K000136185: BIG-IP Edge Client for macOS vulnerability CVE-2023-43611
Security Advisory Description The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. CVE-2023-43611 Note: This vulnerability is due to an incomplete fix for CVE-2023-38418. Impact An attacker with an ability to run...
K000134652: BIG-IP TCP profile vulnerability CVE-2023-40542
Security Advisory Description When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2023-40542 Impact System performance can degrade until the Traffic Management Microkernel (TMM)...
K47756555: BIG-IP APM Guided Configuration vulnerability CVE-2023-39447
Security Advisory Description When BIG-IP APM Guided Configuration is configured, undisclosed sensitive information may be logged in the restnoded log file. CVE-2023-39447 Impact This vulnerability may allow a high privileged authenticated attacker with local access to the BIG-IP system to read...
K000135689: BIG-IP Configuration utility vulnerability CVE-2023-41373
Security Advisory Description A directory traversal vulnerability exists in the BIG-IP Configuration utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a...
K98334513: BIG-IP DNS TSIG key vulnerability CVE-2023-41253
Security Advisory Description When a BIG-IP DNS or BIG-IP LTM system is enabled with the DNS Services license, and a TSIG key is created, the key is logged in plaintext in the audit log. CVE-2023-41253 Impact An authenticated attacker with at least auditor role privileges can view the TSIG key in...
K000135874: BIG-IP Next SPK SSH vulnerability CVE-2023-45226
Security Advisory Description The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contain hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is expos...
K20850144: BIG-IP and BIG-IQ DB variable vulnerability CVE-2023-41964
Security Advisory Description The BIG-IP and BIG-IQ systems do not encrypt the values of two Database (DB) variables, a password used for a proxy server connection and a RADIUS/TACACS+ shared secret. CVE-2023-41964 Impact An authenticated attacker may be able to gain access to privileged informatio...
K000132420: BIG-IP IPsec vulnerability CVE-2023-41085
Security Advisory Description When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2023-41085 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote unauthenticated attacker to...
K06110200: BIG-IP and BIG-IQ TACACS+ audit log vulnerability CVE-2023-43485
Security Advisory Description When TACACS+ audit forwarding is configured on a BIG-IP or BIG-IQ system, shared secret is logged in plaintext in the audit log. CVE-2023-43485 Impact An authenticated attacker with at least auditor role privileges can view shared secret. There is no data plane...
K41072952: BIG-IP Appliance mode external monitor vulnerability CVE-2023-43746
Security Advisory Description When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary...
K20307245: BIG-IP tmsh vulnerability CVE-2023-45219
Security Advisory Description Exposure of Sensitive Information vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command, which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. CVE-2023-45219 Impact An authenticated attack...
K000137187: GlibC vulnerability CVE-2023-4911
Security Advisory Description A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with...
K000137188: AMD CPU vulnerability CVE-2021-26401
Security Advisory Description LFENCE/JMP mitigation V2-2 may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. CVE-2021-26401 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supporte...
K000137186: Linux kernel vulnerability CVE-2022-3564
Security Advisory Description A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply ...
K000137107: Crypto++ vulnerability CVE-2022-48570
Security Advisory Description Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-143...
K000137105: libvpx vulnerability CVE-2023-5217
Security Advisory Description Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High CVE-2023-5217 Impact There is no impac...
K000137093: Node.js vulnerabilities CVE-2018-7167, CVE-2018-12115, and CVE-2018-12116
Security Advisory Description CVE-2018-7167 Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instea...