F5 BIG-IP FastL4 Virtual Server Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in F5 BIG-IP systems with embedded Packet Velocity Acceleration (ePVA) configured. Undisclosed local Ethernet traffic can lead to increased resource utilization in both ePVA and the Traffic Management Microkernel (TMM). This performance degradation can cause the TMM process to crash or require a manual restart. The vulnerability affects BIG-IP tenants on F5 r5000, r10000, r12000, BX110, and BX520 systems with ePVA acceleration enabled, while all other F5 rSeries systems are not impacted.
Impact
Exploitation of this vulnerability causes a degradation of service on the BIG-IP system, leading to a denial-of-service condition where the TMM process either crashes or requires a manual restart.
Remediation
To address this vulnerability, F5 recommends upgrading to a patched version if available. For BIG-IP systems, the vulnerability can be mitigated by disabling ePVA acceleration on affected virtual servers or enforcing ARP security on the connected network.
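To scope the ePVA mitigation above, the following added example (not from F5 or the original page) lists virtual servers whose FastL4 profile still has hardware acceleration enabled, resolving inherited values through `defaults-from`. The function name `audit_epva`, the sample configuration, and the assumption that the stock `/Common/fastL4` profile defaults to `pva-acceleration full` are this example's own; the `pva-acceleration` key is the FastL4 profile setting in BIG-IP configuration and is not named on the page.

```python
import re
# Constructed bigip.conf excerpt (sample data, not taken from the advisory).
SAMPLE_CONF = """\
ltm profile fastl4 /Common/fastl4_accel {
    pva-acceleration full
}
ltm profile fastl4 /Common/fastl4_child {
    defaults-from /Common/fastl4_accel
}
ltm profile fastl4 /Common/fastl4_safe {
    pva-acceleration none
}
ltm virtual /Common/vs_web {
    profiles {
        /Common/fastl4_child { }
    }
}
ltm virtual /Common/vs_db {
    profiles {
        /Common/fastl4_safe { }
    }
}
"""

STANZA = re.compile(r"^ltm (profile fastl4|virtual) (\S+) \{\n(.*?)^\}", re.M | re.S)
BUILTIN = "/Common/fastL4"  # stock parent profile, defined outside bigip.conf

def audit_epva(conf, builtin_default="full"):
    """Map each virtual server to (fastl4 profile, effective pva-acceleration) when not 'none'."""
    profiles, virtuals = {}, {}
    for kind, name, body in STANZA.findall(conf):
        if kind == "virtual":
            virtuals[name] = re.findall(r"^\s+(/\S+) \{", body, re.M)
        else:
            mode = re.search(r"^\s+pva-acceleration (\S+)", body, re.M)
            parent = re.search(r"^\s+defaults-from (\S+)", body, re.M)
            profiles[name] = (mode and mode.group(1), parent and parent.group(1))

    def effective(name, seen=()):
        # Unset values are inherited; parents missing from this file use the assumed default.
        if name not in profiles or name in seen:
            return builtin_default
        mode, parent = profiles[name]
        return mode or effective(parent or BUILTIN, seen + (name,))
    return {vs: (p, effective(p)) for vs, attached in virtuals.items()
            for p in attached if (p in profiles or p == BUILTIN) and effective(p) != "none"}

if __name__ == "__main__":
    print(audit_epva(SAMPLE_CONF))
```

Virtual servers returned by the audit are the candidates for the profile change or for ARP security enforcement on their connected network.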
