Buffer overflow in BIG-IP DNS and BIG-IP GTM

#VU50617 Buffer overflow in BIG-IP DNS and BIG-IP GTM

Published: 2021-02-11

Vulnerability identifier: #VU50617

Vulnerability risk: Medium

CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-22982

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
BIG-IP DNS
Hardware solutions / Routers & switches, VoIP, GSM, etc
BIG-IP GTM
Hardware solutions / Security hardware applicances

Vendor: F5 Networks

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in big3d. A remote user can send specially crafted data to the big3d agent, trigger a buffer overflow and crash the agent.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BIG-IP DNS: 12.1.0 - 13.1.0.3

BIG-IP GTM: 11.6.1 - 11.6.5.2

External links
http://support.f5.com/csp/article/K72708443

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Buffer overflow in big3d agent in F5 BIG-IP DNS