Memory Resource Utilization Flaw in F5's Traffic Management Microkernel
CVE-2025-54805

6MEDIUM

Key Information:

Vendor: F5
Status: Big-ip Next Spk; Big-ip Next Cnf; Big-ip Next For Kubernetes
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-54805?

A vulnerability exists in the Traffic Management Microkernel (TMM) when iRules are configured on a virtual server via the declarative API. During re-instantiation, the cleanup process can lead to increased memory resource utilization, potentially affecting system performance. It is essential for users to ensure they are running supported versions and to monitor their systems for any anomalies related to this issue.

Affected Version(s)

BIG-IP Next CNF 1.1.0

BIG-IP Next for Kubernetes 2.0.0 < 2.1.0

BIG-IP Next SPK 1.7.0

References

https://my.f5.com/manage/s/article/K000151596

vendor-advisory

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2025
Vulnerability Reserved
Oct 3, 2025

Credit

JSON