Forum Discussion

Paula_Livingsto's avatar
Paula_Livingsto
Icon for Altocumulus rankAltocumulus
Apr 24, 2019

F5 and Linux Kernel CVE-2019-8980 Denial of Service Vulnerability

Hi all,   I have been asked this morning by a military client for whom I monitor a number of LTM regarding the susceptibility of his equipment to this vulnerability (Linux Kernel CVE-2019-8980 Den...
application delivery
BIG-IP
cve
kernel vulnerability
LTM
security
  • Paula_Livingsto's avatar
    Paula_Livingsto
    Apr 27, 2019

    Thanks, guys, I've spoken to my local f5 guys and they have confirmed the information on the NIST site is incorrect or rather out of date and the vulnerability is no longer under scrutiny.

     

Dario_Garrido's avatar
Dario_Garrido
Icon for MVP rankMVP
Apr 26, 2019

Regarding this link -> https://support.f5.com/csp/article/K56480726

 

(Updated Date: Apr 22, 2019)

 

I guess this document means that they are not affected to this vulnerability because of they normally develop a custom kernel with fixes written by their own, and the root of the vulnerability refers to code not implemented in their products.

 

However, the best way to know details about that is to open a support case. Normally they are reluctant to give details about the bugs, but in this case it's the best way to obtain responses.

 

KR, Dario.