CVE-2015-8240

Name of the Vulnerable Software and Affected Versions F5 BIG-IP LTM versions prior to 11.4.1 HF10 F5 BIG-IP LTM versions 11.5.x prior to 11.5.4 F5 BIG-IP LTM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP AAM versions prior to 11.4.1 HF10 F5 BIG-IP AAM versions 11.5.x prior to 11.5.4 F5 BIG-IP AAM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP AFM versions prior to 11.4.1 HF10 F5 BIG-IP AFM versions 11.5.x prior to 11.5.4 F5 BIG-IP AFM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP Analytics versions prior to 11.4.1 HF10 F5 BIG-IP Analytics versions 11.5.x prior to 11.5.4 F5 BIG-IP Analytics versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP APM versions prior to 11.4.1 HF10 F5 BIG-IP APM versions 11.5.x prior to 11.5.4 F5 BIG-IP APM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP ASM versions prior to 11.4.1 HF10 F5 BIG-IP ASM versions 11.5.x prior to 11.5.4 F5 BIG-IP ASM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP GTM versions prior to 11.4.1 HF10 F5 BIG-IP GTM versions 11.5.x prior to 11.5.4 F5 BIG-IP GTM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP Link Controller versions prior to 11.4.1 HF10 F5 BIG-IP Link Controller versions 11.5.x prior to 11.5.4 F5 BIG-IP Link Controller versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP PEM versions prior to 11.4.1 HF10 F5 BIG-IP PEM versions 11.5.x prior to 11.5.4 F5 BIG-IP PEM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP PSM versions prior to 11.4.1 HF10

Description The Traffic Management Microkernel (TMM) in F5 BIG-IP does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.

Recommendations For F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions prior to 11.4.1 HF10, update to version 11.4.1 HF10 or later. For F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions 11.5.x prior to 11.5.4, update to version 11.5.4 or later. For F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions 11.6.x prior to 11.6.0 HF6, update to version 11.6.0 HF6 or later. For F5 BIG-IP PSM versions prior to 11.4.1 HF10, update to version 11.4.1 HF10 or later.