Vigil@nce - F5 BIG-IP: memory corruption via Datastor
December 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can generate a memory corruption in Datastor on
F5 BIG-IP, in order to trigger a denial of service, and possibly
to run code.
Impacted products: BIG-IP Hardware, TMOS.
Severity: 2/4.
Creation date: 28/10/2015.
DESCRIPTION OF THE VULNERABILITY
The F5 BIG-IP product uses the datastor kernel module.
However, a local program can be used to corrupt the datastor
memory. Technical details are unknown.
A local attacker can therefore generate a memory corruption in
Datastor on F5 BIG-IP, in order to trigger a denial of service,
and possibly to run code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/F5-BIG-IP-memory-corruption-via-Datastor-18203