CVE-2018-5509

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 12.1.0 through 12.1.3.1 F5 BIG-IP version 13.0.0

Description The issue occurs when a specifically configured virtual server receives traffic of an undisclosed nature, causing TMM to crash and potentially leading to a denial of service. This configuration is not common and does not work when enabled in previous versions of BIG-IP. The crash happens when the configuration is enabled and the virtual server receives non-TCP traffic, starting from version 12.1.0. The fix includes additional configuration validation logic to prevent this configuration from being applied to a virtual server. There is only data plane exposure with a non-standard configuration, and no control plane exposure.

Recommendations For F5 BIG-IP versions 12.1.0 through 12.1.3.1, update to a version that includes the fix for this issue to prevent TMM from crashing when receiving non-TCP traffic with the specific configuration. For F5 BIG-IP version 13.0.0, update to a version that includes the fix for this issue to prevent TMM from crashing when receiving non-TCP traffic with the specific configuration. As a temporary workaround, consider disabling the non-standard configuration that exposes this issue until a patch is available.