CVE-2018-5518

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 12.0.0 through 12.1.3.3 F5 BIG-IP versions 13.0.0 through 13.1.0.5

Description The issue allows malicious root users with access to a VCMP guest to cause a disruption of service on adjacent VCMP guests running on the same host. This can be exploited by causing the vCMPd process on the adjacent VCMP guest to restart and produce a core file. The vulnerability is only exploitable on VCMP guests operating in "host-only" or "bridged" mode, and not on those that are "isolated". Guests deployed in "Appliance Mode" may be impacted, but the exploit is not possible from an Appliance Mode guest. Exploitation requires root access on a guest system deployed as "host-only" or "bridged" mode.

Recommendations For F5 BIG-IP versions 12.0.0 through 12.1.3.3, consider restricting access to the vCMPd process to minimize the risk of exploitation. For F5 BIG-IP versions 13.0.0 through 13.1.0.5, consider restricting access to the vCMPd process to minimize the risk of exploitation. As a temporary workaround, consider disabling the VCMP guest operating in "host-only" or "bridged" mode until a patch is available.