Potential Data Leak in BIG-IP TMMs on VELOS and rSeries Platforms
CVE-2024-32761

6.5MEDIUM

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 8 May 2024

What is CVE-2024-32761?

Under certain conditions, a data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. This leak occurs randomly and cannot be deliberately triggered. If it occurs, it may leak up to 64 bytes of non-contiguous randomized bytes. Under rare conditions, this may lead to a TMM restart, affecting availability. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BIG-IP 15.1.0 < 15.1.10

BIG-IP 17.1.0

BIG-IP 16.1.0

References

https://my.f5.com/manage/s/article/K000139217

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 8, 2024
Vulnerability Reserved
Apr 24, 2024

Credit

JSON

F5

What is CVE-2024-32761?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.