F5 Networks BIG-IP : TMM vulnerability (K16248201)
High Nessus Plugin ID 118634
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionIf an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition.(CVE-2018-15318)
The BIG-IP system temporarily fails to process traffic as it recovers from a Traffic Management Microkernel (TMM) restart, and devices configured in a device group may fail over.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K16248201.