CVE-2017-6166 F5 BIG-IP ASM TMM FastL4 Profile Denial of Service Vulnerability (K65615624)

In BIG-IP ASM, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.

Affected Versions:
BIG-IP ASM 12.0.0 - 12.1.1

QID Detection Logic:
This authenticated QID checks for the vulnerable versions of F5 BIG-IP devices.

A remote attacker may be able to cause a BIG-IP system to produce a core file, disrupting the flow of traffic and causing a failover to a standby system, if configured. BIG-IP logs will show the notice panic: packet_free: double free! error when TMM crashes.

Customers are advised to refer to K65615624 for updates pertaining to this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

K65615624