F5 Networks BIG-IP : TMM vulnerability (K16248201)
High Nessus Plugin ID 118634
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionIf an MPTCP connection receives an abort signal while the initial flow
is not the primary flow, the initial flow will remain after the
closing procedure is complete. TMM may restart and produce a core file
as a result of this condition.(CVE-2018-15318)
The BIG-IP system temporarily fails to process traffic as it recovers
from a Traffic Management Microkernel (TMM) restart, and devices
configured in a device group may fail over.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5