K00032124 : BIG-IP last hop kernel module vulnerability CVE-2015-5516

Security Advisory Description

The BIG-IP last hop kernel module may leak memory when processing User Datagram Protocol (UDP) traffic. The memory leak may cause denial-of-service (DoS) conditions for the BIG-IP system.
Impact
The following configurations may allow a remote attacker to cause a memory leak and potential DoS conditions on BIG-IP systems:

• You use the management interface to provide remote access to UDP based services.

• You use self IP addresses to provide remote access to UDP based services.

• Virtual servers that reference a DNS profile with the Use BIND Server on BIG-IP option enabled (the option is enabled by default in BIG-IP 11.2.x through 12.0.0).

• Wide IPs reference either of the following pool configurations:

  • A pool using the Return to DNS load balancing method.
  • A pool in which the Alternate and Fallback load balancing methods are set to None and all pools associated with the wide IP are unavailable.