When an “Attack Signature False Positive Mode” enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. (CVE-2022-41836)
Impact
Traffic is disrupted while the bd process restarts. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.