Memory Leak Vulnerability in F5 BIG-IP Multipath TCP Connections
CVE-2018-5500
Key Information:
- Vendor
- F5
- Vendor
- CVE Published:
- 1 March 2018
Summary
A memory leak issue exists in F5 BIG-IP systems that affects connections established via the Multipath TCP feature. Specifically, every Multipath TCP connection leaks a small amount of memory. This anomaly is present in specific versions of BIG-IP, including 13.0.0, 12.1.0 to 12.1.3.1, and 11.6.1 to 11.6.2, particularly impacting virtual servers utilizing a TCP profile with the Multipath TCP feature enabled. Addressing this vulnerability is crucial to ensure optimal resource management and system performance.
Affected Version(s)
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe 13.0.0
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe 12.1.0 - 12.1.3.1
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe 11.6.1 - 11.6.2
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved