F5 BIG-IP Traffic Management Microkernel Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in F5 BIG-IP systems when the database variable 'tm.tcpudptxchecksum' is set to the non-default value 'Software-only'. Under these conditions, certain undisclosed traffic can cause the Traffic Management Microkernel (TMM) to crash, disrupting services until the TMM process is restarted. This issue affects BIG-IP versions 15.1.0 through 15.1.10, 16.1.0 through 16.1.6, and 17.1.0 through 17.1.2.

Impact

Exploiting this vulnerability causes the TMM process to terminate, leading to a disruption of traffic management services on the BIG-IP system while TMM restarts. This creates a temporary denial-of-service condition.

Remediation

To address this vulnerability, users can revert the 'tm.tcpudptxchecksum' database variable to its default value, 'Hardware-enabled'. For those running vulnerable BIG-IP versions, upgrading to a fixed version is recommended. F5 provides a hotfix matrix for guidance on available updates.