For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

purna_256577's avatar
purna_256577
Icon for Nimbostratus rankNimbostratus
Jul 07, 2017

vulnerability CVE-2017-1000364 effects BIGIP ASM?

Looking for f5 KB for the vulnerability CVE-2017-1000364 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364. Is it affect BIGIP ASM version 11.6.1.

 

Security researchers at Qualys Security discovered a vulnerability in the memory management of several Unix-based operating systems (Linux, OpenBSD, NetBSD, FreeBSD and Solaris). The vulnerability, tracked as CVE-2017-1000364, affects the stack, a special memory region used by computer programs to store variables and return addresses used in functions. Once exploited, this vulnerability allows a local attacker to gain root privileges on the affected machine.

 

ASM Advanced WAF
devops
security

1 Reply

  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Jul 11, 2017

    Here on AskF5.

     

    The linux kernel is vulnerable, but proper security controls should limit the exposure to your management network access.