CVE-2013-6016

Name of the Vulnerable Software and Affected Versions F5 BIG-IP LTM versions 10.0.0 through 10.2.2 and 11.0.0 F5 BIG-IP APM versions 10.0.0 through 10.2.2 and 11.0.0 F5 BIG-IP ASM versions 10.0.0 through 10.2.2 and 11.0.0 F5 BIG-IP Edge Gateway versions 10.0.0 through 10.2.2 and 11.0.0 F5 BIG-IP GTM versions 10.0.0 through 10.2.2 and 11.0.0 F5 BIG-IP Link Controller versions 10.0.0 through 10.2.2 and 11.0.0 F5 BIG-IP WOM versions 10.0.0 through 10.2.2 and 11.0.0 F5 Analytics version 11.0.0 F5 PSM versions 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1 F5 WebAccelerator versions 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0

Description The issue allows remote attackers to cause a denial of service via unspecified vectors, potentially leading to a SIGFPE or assertion failure and TMM restart, by changing a TCP connection to the ESTABLISHED state before receiving the ACK packet.

Recommendations For F5 BIG-IP LTM versions 10.0.0 through 10.2.2 and 11.0.0, consider disabling the TMM until a patch is available. For F5 BIG-IP APM versions 10.0.0 through 10.2.2 and 11.0.0, consider disabling the TMM until a patch is available. For F5 BIG-IP ASM versions 10.0.0 through 10.2.2 and 11.0.0, consider disabling the TMM until a patch is available. For F5 BIG-IP Edge Gateway versions 10.0.0 through 10.2.2 and 11.0.0, consider disabling the TMM until a patch is available. For F5 BIG-IP GTM versions 10.0.0 through 10.2.2 and 11.0.0, consider disabling the TMM until a patch is available. For F5 BIG-IP Link Controller versions 10.0.0 through 10.2.2 and 11.0.0, consider disabling the TMM until a patch is available. For F5 BIG-IP WOM versions 10.0.0 through 10.2.2 and 11.0.0, consider disabling the TMM until a patch is available. For F5 Analytics version 11.0.0, consider disabling the TMM until a patch is available. For F5 PSM versions 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1, consider disabling the TMM until a patch is available. For F5 WebAccelerator versions 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0, consider disabling the TMM until a patch is available.