Blog

BIG-IP LTM HTTP/2 desync attacks: request line injection Security Advisory Security Advisory Description Multiple desync attacks have been discovered. For more information refer to the following ... More info: https://support.f5.com/csp/article/K63312282?utm_source=f5support&utm_medium=RSS

The BIG-IP ASM system may not properly perform attack signature checks Security Advisory Security Advisory Description The BIG-IP ASM system may not properly perform attack signature checks on ... More info: https://support.f5.com/csp/article/K05391775?utm_source=f5support&utm_medium=RSS

Bash vulnerability CVE-2012-6711 Security Advisory Security Advisory Description A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current ... More info: https://support.f5.com/csp/article/K05122252?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerabilities CVE-2021-3564, CVE-2021-3573, and CVE-2021-3752 Security Advisory Security Advisory Description CVE-2021-3564 A flaw double-free memory corruption in the Linux kernel ... More info: https://support.f5.com/csp/article/K25511825?utm_source=f5support&utm_medium=RSS

Python vulnerabilities CVE-2019-9636 and CVE-2019-10160 Security Advisory Security Advisory Description Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of ... More info: https://support.f5.com/csp/article/K57542514?utm_source=f5support&utm_medium=RSS

Initial Publication Date: 2022/04/19 14:30 PST CVE IDs: CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, CVE-2022-0071 On December 12, 2021, Amazon publicly released a hotpatch for running Java VMs which disables the loading of the Java Naming and Directory Interface (JNDI) class. This hotpatch provides an immediate mitigation for critical issues within the open-source Apache “Log4j2" utility (CVE-2021-44228 and CVE-2021-45046) while allowing system administrators sufficient time to More info: https://aws.amazon.com/security/security-bulletins/AWS-2022-006/

Linux vulnerabilities CVE-2022-0330 and CVE-2022-22942 Security Advisory Security Advisory Description CVE-2022-0330 A random memory access flaw was found in the Linux kernels GPU i915 kernel ... More info: https://support.f5.com/csp/article/K30914425?utm_source=f5support&utm_medium=RSS

More info: https://www.oracle.com/security-alerts/cpuapr2022.html

Linux kernel vulnerability CVE-2022-0742 Security Advisory Security Advisory Description Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making ... More info: https://support.f5.com/csp/article/K68120526?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2022-26354 Security Advisory Security Advisory Description A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached ... More info: https://support.f5.com/csp/article/K50401227?utm_source=f5support&utm_medium=RSS