F5 BIG-IP Message Routing Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in F5 BIG-IP systems when a message routing profile is active on a virtual server. Undisclosed traffic can lead to increased memory usage, causing the Traffic Management Microkernel (TMM) process to degrade system performance. This issue affects BIG-IP versions 15.1.0 through 15.1.10, 16.1.0 through 16.1.5, and 17.1.0 to 17.1.1. Notably, this vulnerability is a data plane issue only, with no exposure to the control plane.

Impact

Exploitation of this vulnerability causes a degradation of service, leading to a denial-of-service condition on the BIG-IP system. The performance decline can persist until the TMM process is manually restarted or forced to restart.

Remediation

Users can upgrade to BIG-IP versions 16.1.6, 15.1.10.6.0.11.6, or 17.1.2 to address this vulnerability. For more information about managing BIG-IP product hotfixes, refer to the MyF5 article K13123.