Memory Resource Utilization Increase in BIG-IP Tenants on Certain Hardware
CVE-2024-41727

7.5HIGH

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 14 August 2024

Summary

A vulnerability exists in F5 Networks' BIG-IP product impacting tenants operated on r2000 and r4000 series hardware, as well as the BIG-IP Virtual Edition using Intel E810 SR-IOV NIC. This issue can lead to increased memory resource utilization due to undisclosed traffic patterns. It's important for organizations using affected versions to review and address this resource management concern to maintain optimal operation and ensure system performance.

Affected Version(s)

BIG-IP r2000 16.1.0 < 16.1.5

BIG-IP r2000 15.1.0

BIG-IP r2000 17.1.0

References

https://my.f5.com/manage/s/article/K000138833

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 14, 2024
Vulnerability Reserved
Jul 22, 2024

Key Information:

Summary

Affected Version(s)

References

CVSS V3.1

Timeline

Credit