F5 Networks BIG-IP : Linux kernel vulnerability (K60104355)
Medium Nessus Plugin ID 99444
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
This vulnerability may allow a remote user to cause a denial of service (DoS) for the BIG-IP control plane.
Note : Only the BIG-IP control plane is vulnerable; the data plane is not affected by this vulnerability.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K60104355.