CVE-2019-6681

Published: Dec 23, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache (MFC) handling in tmrouted.

Affected (5)

Products: F5: Big Ip Local Traffic Manager

1 product

Big Ip Local Traffic Manager

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
F5 Big Ip Local Traffic Manager	From 12.1.0 to 12.1.5
F5 Big Ip Local Traffic Manager	From 13.1.0 to 13.1.3.2
F5 Big Ip Local Traffic Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Local Traffic Manager	From 14.1.0 to 14.1.2.1
F5 Big Ip Local Traffic Manager	From 15.0.0 to 15.1.0

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (2)

https://support.f5.com/csp/article/K93417064

Source: f5sirt@f5.com

Vendor Advisory

https://support.f5.com/csp/article/K93417064

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.