Vulnerability Recommended Actions
If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.
Mitigating this vulnerability
To mitigate this vulnerability, you can modify the FastL4 profile and enable the Reassemble IP Fragments option. To enable the Reassemble IP Fragments option using the Traffic Management Shell (tmsh), perform the following steps:
tmsh
2. To modify the FastL4 profile and enable the Reassemble IP Fragments option, use the following syntax:
modify /ltm profile fastl4 <profile_name> reassemble-fragments enabled
For example, to enable the Reassemble IP Fragments option for the FastL4 profile named MyFastL4, type the following command:
modify /ltm profile fastl4Â MyFastL4 reassemble-fragments enabled
3. To save the configuration, type the following command:
save /sys config
Supplemental Information
support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html
support.f5.com/kb/en-us/solutions/public/13000/100/sol13123.html
support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html
support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html