CVE-2017-6137 F5 BIG-IP ASM Traffic Management Microkernel Denial of Service Vulnerability (K82851041)

Undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and configurations.

Affected Versions:
BIG-IP 12.1.0 - 12.1.2
BIG-IP 12.0.0 HF3 - HF4
BIG-IP 11.6.1 HF1

Successful exploitation causes the affected device to generate an egress packet with an invalid Maximum Segment Size (MSS), which are dropped by neighboring devices.

Customers are advised to refer to K82851041 for updates pertaining to this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

K82851041