F5 BIG-IP Traffic Management Microkernel Denial-of-Service Vulnerability via iRules
Vulnerability
A denial-of-service vulnerability has been identified in F5 BIG-IP systems when an iRule that uses the ILX::call command is applied to a virtual server. Undisclosed traffic can disrupt the Traffic Management Microkernel (TMM), causing it to terminate and restart. This issue affects BIG-IP versions 15.1.0 through 15.1.10, 16.1.0 through 16.1.6, and 17.1.0 through 17.1.2. The vulnerability allows remote, unauthenticated attackers to cause a TMM process disruption; the impact is limited to the data plane (the control plane is not affected).
Impact
Exploitation of this vulnerability leads to a traffic disruption while the TMM process restarts, causing a denial-of-service condition on the BIG-IP system.
Remediation
Users can upgrade to BIG-IP versions 15.1.10.8, 16.1.6.1, or 17.5.1.3 to address this vulnerability. For more information about F5 hotfixes and point releases, refer to the F5 BIG-IP hotfix and point release matrix.
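Because exposure depends on two conditions stated above (an affected version and an iRule using ILX::call attached to a virtual server), a triage script should check both rather than version alone. The following Python is an added example written for this page, not F5 code; the version ranges and fixed releases are the ones listed above, the inventory lines and the sample iRule are constructed, and any version outside the listed branches is reported as "not listed in this advisory" rather than as safe.

```python
import re
from typing import Dict, List, Optional, Tuple

# Affected ranges and fixed releases exactly as stated in the advisory:
# (branch, lowest affected, highest affected, fixed release).
# Note that the advisory directs the 17.1.x branch to 17.5.1.3.
AFFECTED_RANGES = [
    ((15, 1), (15, 1, 0), (15, 1, 10), "15.1.10.8"),
    ((16, 1), (16, 1, 0), (16, 1, 6), "16.1.6.1"),
    ((17, 1), (17, 1, 0), (17, 1, 2), "17.5.1.3"),
]

# Matches the ILX::call command outside of Tcl comment lines (e.g. "# ILX::call ...").
_ILX_CALL = re.compile(r"^[^#\n]*\bILX::call\b", re.MULTILINE)


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a BIG-IP version string such as '16.1.4.2' into a comparable tuple of ints."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised BIG-IP version string: {version!r}")
    return tuple(int(p) for p in parts)


def assess_version(version: str) -> Dict[str, Optional[str]]:
    """Classify a BIG-IP version against the advisory's affected ranges.

    A version is affected when it lies inside a listed x.y.z range and is older than
    the fixed point release for that branch, so 15.1.10.3 is affected but 15.1.10.8 is not.
    """
    v = parse_version(version)
    for branch, low, high, fixed in AFFECTED_RANGES:
        if v[:2] != branch:
            continue
        in_range = low <= v and v[:3] <= high and v < parse_version(fixed)
        if in_range:
            return {"version": version, "status": "affected", "fixed_in": fixed}
        return {"version": version, "status": "not affected (branch listed)", "fixed_in": None}
    return {"version": version, "status": "not listed in this advisory", "fixed_in": None}


def irule_uses_ilx_call(irule_text: str) -> bool:
    """True if the iRule body invokes ILX::call on a non-comment line."""
    return _ILX_CALL.search(irule_text) is not None


def triage(inventory: List[Tuple[str, str, str]]) -> List[Dict[str, Optional[str]]]:
    """Combine version and iRule checks for each (device, version, attached iRule) record.

    Only devices that are both on an affected version and have ILX::call in an attached
    iRule are flagged 'exposed'; the others are reported for follow-up.
    """
    results = []
    for device, version, irule in inventory:
        verdict = assess_version(version)
        uses_ilx = irule_uses_ilx_call(irule)
        if verdict["status"] == "affected" and uses_ilx:
            verdict["action"] = f"exposed: upgrade to {verdict['fixed_in']}"
        elif verdict["status"] == "affected":
            verdict["action"] = "affected version, no ILX::call iRule seen: upgrade on schedule"
        else:
            verdict["action"] = "no action from this advisory"
        verdict["device"] = device
        results.append(verdict)
    return results


# Constructed sample iRule (hypothetical; not from the advisory) that uses ILX::call.
SAMPLE_IRULE = """when HTTP_REQUEST {
    # ILX::call in a comment does not count
    set result [ILX::call $rpc_handle lookup [HTTP::host]]
}"""

# Constructed sample inventory: (device name, BIG-IP version, attached iRule text).
SAMPLE_INVENTORY = [
    ("ltm-edge-01", "16.1.4.2", SAMPLE_IRULE),
    ("ltm-edge-02", "15.1.10.8", SAMPLE_IRULE),
    ("ltm-core-01", "17.1.1", "when HTTP_REQUEST { HTTP::respond 200 }"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(f"{row['device']}: {row['version']} -> {row['status']}; {row['action']}")
```

The checker compares the first three components against the advisory's stated range and the full version against the fixed point release, so point releases below the fix in an affected branch are still flagged; versions on branches the advisory does not list are reported as unlisted rather than unaffected, since that is all the page supports.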
