-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2013.1476
        sol13233: TMM vulnerability CVE-2013-6016 Security Advisory
                              17 October 2013

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           BIG-IP LTM
                   BIG-IP Analytics
                   BIG-IP APM
                   BIG-IP ASM
                   BIG-IP Edge Gateway
                   BIG-IP GTM
                   BIG-IP Link Controller
                   BIG-IP PSM
                   BIG-IP WebAccelerator
                   BIG-IP WOM
Publisher:         F5
Operating System:  Network Appliance
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2013-6016  

Original Bulletin: 
   http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html

- --------------------------BEGIN INCLUDED TEXT--------------------

sol13233: TMM vulnerability CVE-2013-6016

Security Advisory

Original Publication Date: 12/12/2011

Updated Date: 10/16/2013

Description

The BIG-IP system may incorrectly transition a TCP connection to an 
ESTABLISHED state prior to receiving the appropriate ACK packet for the 
connection.

As a result of this issue, you may encounter the following symptoms:

    The BIG-IP system sends a SIGFPE signal to the Traffic Management 
    Microkernel (TMM), resulting in a stack trace and core file.
    The BIG-IP system generates an assertion failure panic string in the 
    /var/log/tmm file that appears similar to the following example:
    notice panic: Request for segment from middle of queue

Impact

TMM may restart and temporarily fail to process traffic.

Status

F5 Product Development has assigned ID 363504 (BIG-IP) to this vulnerability.

To determine if your release is known to be vulnerable, the components or 
features that are affected by the vulnerability, and for information about 
releases or hotfixes that address the vulnerability, refer to the following 
table:

Product 	Versions known to	Versions known to be	Vulnerable 							
		be vulnerable 		not vulnerable 		component or 		
								feature 

BIG-IP LTM 	11.0.0			11.1.0 - 11.4.1		TMM
		10.0.0 - 10.2.2		10.2.3 - 10.2.4
					11.0.0 HF1 and later
					10.2.2 HF3 and later

BIG-IP AAM 	None 			11.4.0 - 11.4.1 	None

BIG-IP AFM 	None 			11.3.0 - 11.4.1		None

BIG-IP 		11.0.0 			11.1.0 - 11.4.1		TMM
Analytics 				11.0.0 HF1 and later	
 	
BIG-IP APM 	11.0.0			11.1.0 - 11.4.1		TMM
		10.1.0 - 10.2.2		10.2.3 - 10.2.4
					11.0.0 HF1 and later
					10.2.2 HF3 and later

BIG-IP ASM 	11.0.0			11.1.0 - 11.4.1		TMM
		10.0.0 - 10.2.2		10.2.3 - 10.2.4
					11.0.0 HF1 and later
					10.2.2 HF3 and later

BIG-IP 		11.0.0			11.1.0 - 11.3.0		TMM
Edge Gateway	10.1.0 - 10.2.2		10.2.3 - 10.2.4
					11.0.0 HF1 and later
					10.2.2 HF3 and later 	

BIG-IP GTM 	11.0.0			11.1.0 - 11.4.1		TMM
		10.0.0 - 10.2.2 	10.2.3 - 10.2.4
					11.0.0 HF1 and later
					10.2.2 HF3 and later
	
BIG-IP		11.0.0			11.1.0 - 11.4.1		TMM
Link Controller 10.0.0 - 10.2.2		10.2.3 - 10.2.4
					11.0.0 HF1 and later
					10.2.2 HF3 and later 	
BIG-IP PEM 	None			11.3.0 - 11.4.1		None

BIG-IP PSM 	11.0.0 - 11.4.1		11.1.0 - 11.4.1		TMM
		10.0.0 - 10.2.4		10.2.3 - 10.2.4
		9.4.5 - 9.4.8		11.0.0 HF1 and later
		None 			10.2.2 HF3 and later

BIG-IP 		11.0.0 - 11.3.0		11.1.0 - 11.4.1		TMM
WebAccelerator 	10.0.0 - 10.2.4		10.2.3 - 10.2.4
		9.4.0 - 9.4.8		11.0.0 HF1 and later
		None 			10.2.2 HF3 and later

BIG-IP WOM 	11.0.0			11.1.0 - 11.4.1		TMM
		10.0.0 - 10.2.2		10.2.3 - 10.2.4
		None 			11.0.0 HF1 and later
					10.2.2 HF3 and later 	

ARX 		None		 	6.0.0 - 6.4.0		None
					5.0.0 - 5.3.1

Enterprise 	None 			3.0.0 - 3.1.1		None
Manager 				2.0.0 - 2.3.0

FirePass 	None 			7.0.0			None
					6.0.0 - 6.1.0

BIG-IQ Cloud 	None			4.0.0 - 4.1.0		None

BIG-IQ Security	None			4.0.0 - 4.1.0		None

Recommended action

To eliminate this vulnerability, upgrade to a version that is listed in the
Versions known to be not vulnerable column in the previous table.

Supplemental Information

    SOL9970: Subscribing to email notifications regarding F5 products
    SOL9957: Creating a custom RSS feed to view new and updated documents.
    SOL4602: Overview of the F5 security vulnerability response policy
    SOL4918: Overview of the F5 critical issue hotfix policy
    SOL167: Downloading software and firmware from F5
    SOL13123: Managing BIG-IP product hotfixes (11.x)
    SOL10025: Managing BIG-IP product hotfixes (10.x)
    SOL9502: BIG-IP hotfix matrix

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUl916xLndAQH1ShLAQL97A//VmEiuYmf9X1Z9qc7ikLMYxvDboHZtXj1
pCM6rN3N8l/cqmrNPeB5BuJgTZ7tbFSCO7mx9YSCvACmU90hDd93szACzm+HpjgI
883NNOV3YhS0GxdJLm0S9qU4ByJ+ir1c27F5FTfJqo6PjlP5S2mr3UFNR+4RzDvL
/RbeWL5NyxfBZVGlG9cdBD7gDrWsrUYvOXWLODJsLTr8U8trXK6KNDz07aA36uUs
q+XWk5QZf6Y8QY6YW/m01nwLg5PHFCa4eIgc8O1K0hGtJS2NuOBj9e/quF6HBpOJ
wxc+ZD8YHEg4Oth5oOt2MOvidg75AAhvldt8I918mmMX3zo7XSXr8ACMv9yt158/
v5uEYg7c09PW/6DWMaRWiAp8LXtbNL/Fw2GmuYFMfMsmDuVYtYocni6S7L27ZJWR
roHOPcG0Vk5o22ypNjL9FcZmo4SkAL5vcfUrXIQHFS/Mq4GWowIbPCsZUJDRXwZj
KXGMvQPQx+EAFXqc+4CwTtBMgcidgEml+Y/DixJRrjDgRhmC2jJ/ge8EcnMzo4+K
NQ4BL1l+9SC25vcdIxFeVRM6QzxDeFgAaikdQsrC5hPSOxu/KqZ9spK8dmeO6G30
GefUcWPOAjP9vfJoWLzBB8GXSWXumcLXSOMfWJR+t3lakCL9fuSPxo0/pypQSqO1
JXwh9x5XMcU=
=1Rhi
-----END PGP SIGNATURE-----