K05710614: BIG-IP HSB vulnerability CVE-2024-39778
Description

Security Advisory Description

When a stateless virtual server is configured on a BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause virtual servers to stop processing client connections and the Traffic Management Microkernel (TMM) to terminate. (CVE-2024-39778)

Impact

Traffic is disrupted while the system automatically reboots. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

On vCMP guests, the automatic reboot may not resolve the issue and traffic may be disrupted until you manually reboot the vCMP host. On systems not configured for vCMP, the automatic reboot resolves the issue.

Note: Rebooting a vCMP host shuts down all vCMP guests running on the host. F5 recommends that you reboot the vCMP host during a scheduled maintenance window.

For more information on BIG-IP platforms with HSB chips, stateless virtual servers, and vCMP systems, refer to the following resources:

K70264409: BIG-IP platforms that contain HSB chips
K13675: Overview of the stateless virtual server
K20081511: Shutting down and restarting the vCMP guest from the vCMP host
K44259537: Rebooting VIPRION vCMP host or guest…
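To check whether the configuration condition named above is present, the following added example (not part of the F5 advisory and not F5 code) lists the virtual servers in a saved configuration that are marked stateless. It assumes a bigip.conf-style export in which a stateless virtual server carries a bare `stateless` line directly inside its `ltm virtual` stanza; the sample configuration and the function name are constructed, and whether the platform has an HSB chip still has to be checked against K70264409.

```python
import re

# Constructed sample in the style of a bigip.conf export (not from the advisory).
SAMPLE_CONF = """\
ltm virtual /Common/vs_dns_udp {
    destination /Common/192.0.2.10:53
    ip-protocol udp
    pool /Common/dns_pool
    profiles {
        /Common/udp { }
    }
    stateless
}
ltm virtual /Common/vs_web {
    description "replaces old stateless listener"
    destination /Common/192.0.2.20:443
    ip-protocol tcp
    pool /Common/stateless
}
ltm pool /Common/dns_pool {
    monitor /Common/gateway_icmp
}
"""

HEADER = re.compile(r"^ltm virtual (\S+) \{\s*$")

def stateless_virtuals(conf_text):
    """Return names of 'ltm virtual' stanzas with a top-level 'stateless' line."""
    found, name, depth = [], None, 0
    for raw in conf_text.splitlines():
        line = raw.strip()
        if name is None:
            m = HEADER.match(raw)
            if m:
                name, depth = m.group(1), 1
            continue
        # Only a bare keyword directly inside the stanza counts, not a
        # description string or an object that happens to be named "stateless".
        if depth == 1 and line == "stateless":
            found.append(name)
        depth += line.count("{") - line.count("}")
        if depth <= 0:
            name = None
    return found

if __name__ == "__main__":
    for vs in stateless_virtuals(SAMPLE_CONF):
        print("stateless virtual server:", vs)
```

Brace counting is line-based, so a description string that itself contains `{` or `}` would need a real tokenizer.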
