Intel MCE vulnerability in F5 Networks products
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-12207 |
| CWE-ID | CWE-119 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
BIG-IP Hardware solutions / Firmware BIG-IQ Centralized Management Server applications / Remote management servers, RDP, SSH Enterprise Manager Client/Desktop applications / Other client software |
| Vendor | F5 Networks |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Buffer overflow
EUVDB-ID: #VU22712
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-12207
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the mechanism responsible for error handling on some Intel platforms. A local user of a guest operating system can use a specially crafted application to trigger memory corruption and cause the host system to stop responding.
Successful exploitation of this vulnerability may result in a denial of service (DoS) attack.
Below is the list of processor families that are affected by this vulnerability:
Client:
- Intel Core i3 Processors
- Intel Core i5 Processors
- Intel Core i7 Processors
- Intel Core m Processor Family
- 2nd generation Intel Core Processors
- 3rd generation Intel Core Processors
- 4th generation Intel Core Processors
- 5th generation Intel Core Processors
- 6th generation Intel Core Processors
- 7th generation Intel Core Processors
- 8th generation Intel Core Processors
- Intel Core X-series Processor Family
- Intel Pentium Gold Processor Series
- Intel Celeron Processor G Series
Server:
- 2nd Generation Intel Xeon Scalable Processors
- Intel Xeon Scalable Processors
- Intel Xeon Processor E7 v4 Family
- Intel Xeon Processor E7 v3 Family
- Intel Xeon Processor E7 v2 Family
- Intel Xeon Processor E7 Family
- Intel Xeon Processor E5 v4 Family
- Intel Xeon Processor E5 v3 Family
- Intel Xeon Processor E5 v2 Family
- Intel Xeon Processor E5 Family
- Intel Xeon Processor E3 v6 Family
- Intel Xeon Processor E3 v5 Family
- Intel Xeon Processor E3 v4 Family
- Intel Xeon Processor E3 v3 Family
- Intel Xeon Processor E3 v2 Family
- Intel Xeon Processor E3 Family
- Intel Xeon E Processor
- Intel Xeon D Processor
- Intel Xeon W Processor
- Legacy Intel Xeon Processor
This issue impacts all BIG-IP platforms using the following Intel processor families:
- Xeon
- Pentium Gold
- Core X-series
- Core i
- Celeron G
- BIG-IP 2000s, 2200s, 4000s, 4200v, 5000s, 5050s, 5200v,5250v, 5250v fips, 7000s, 7200v , 7200v FIPS , 7250v series
- BIG-IP 10000s, 10050s, 10055s, 10150s NEBS, 10200v, 10200v FIPS, 10200v SSL, 10250v, 10255v, 10350v, 10350v NEBS, 11050 NEBS, 12250v series
- BIG-IP iSeries platforms: i850, i2x00, i4x00, i5x00, i5820-DF, i7x00, i7x00-D2, i7820-DF, i10x00 / i10x00-D2, i11x00, i11x00-DS, i15x00
- VIPRION B2100, VIPRION B2150 , VIPRION B2250, VIPRION B4300 , VIPRION B4340N
- Enterprise Manager 4000
- BIG-IQ 7000
- BIG-IP 800, 1600, 3600, 3900, 4200, 4340, 6900 series
- BIG-IP 8900, 8950, 1100, 11050, 11050 FIPS series
BIG-IP: 15.0.0 - 15.0.1
BIG-IQ Centralized Management: 7.0.0
Enterprise Manager: 3.1.1
CPE2.3- cpe:2.3:h:f5_networks:big-ip:15.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:f5_networks:big-ip:15.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:big-iq:7.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5_networks:enterprise_manager:3.1.1:*:*:*:*:*:*:*
https://support.f5.com/csp/article/K17269881
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
