ADVISORY!
TLP : CLEAR
Date : 27/02/2024
REF NO : CERT / 2024/02/15
F5 BIG-IP Security Restriction Bypass Vulnerability
Severity Level: Medium
Components Affected
BIG-IP Next SPK
- version 1.5.0 – 1.9.1
BIG-IP Next CNF
- version 1.1.0 – 1.2.1
BIG-IP (AFM)
- version 15.1.0 – 15.1.10
- version 16.1.0 – 16.1.4
- version 17.1.0 – 17.1.1
Traffix SDC
- version 5.1.0
Overview
A vulnerability was identified in F5 BIG-IP, a remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.
Description
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.
Impact
- Security Restriction Bypass
Solution/ Workarounds
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Traffix SDC version 5.2.0
Note: Other affected products have no patch released yet.
Reference
Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.
Sri Lanka Computer Emergency Readiness Team | Coordination Centre
- Hotline : 101
- +94 11 269 1692
- Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka.
- General inquiry: cert@cert.gov.lk
- Security incidents: incidents@cert.gov.lk
- Social media incidents: report@cert.gov.lk
