Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (f5) · only source for this CVE.
CVSS VectorVendor: f5
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
When embedded Packet Velocity Acceleration (ePVA) acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel (TMM) resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
AnalysisAI
Denial of service in F5 BIG-IP when Packet Velocity Acceleration (ePVA) is enabled allows local network attackers to exhaust ePVA and Traffic Management Microkernel (TMM) resources through crafted ethernet traffic, causing service degradation or unavailability. CVSS 6.5 (medium severity) reflects adjacent network access requirement and high availability impact. Patch availability confirmed via vendor advisory.
Technical ContextAI
F5 BIG-IP implements embedded Packet Velocity Acceleration (ePVA) as a hardware acceleration feature to optimize traffic processing. The Traffic Management Microkernel (TMM) manages resource allocation for network traffic. The vulnerability exploits improper resource handling in the ePVA subsystem when processing locally-reachable ethernet frames; CWE-835 (infinite loop) indicates the root cause is likely unbounded iteration or resource consumption triggered by malformed or specifically-crafted local network packets. This affects systems where ePVA acceleration is explicitly configured as an enabled feature, not default deployments.
RemediationAI
Apply vendor-released patch from F5 article K000160862 (https://my.f5.com/manage/s/article/K000160862). Exact patched versions not specified in provided data; consult F5 advisory for your BIG-IP version and ePVA configuration. As immediate compensating control, disable ePVA acceleration if acceptable for performance SLAs, or restrict local network access to trusted management and traffic source segments using network ACLs or VLAN isolation. Note: Disabling ePVA trades acceleration performance for availability; evaluate impact on throughput SLAs before implementing.
Remote code execution in F5 BIG-IP and BIG-IQ Configuration utility allows authenticated attackers with low privileges t
Memory-exhaustion denial of service in F5 BIG-IP affects any virtual server configured with an HTTP/2 profile, where a r
Resource exhaustion in BIG-IP Configuration utility allows remote unauthenticated attackers to trigger file descriptor e
Remote unauthenticated attackers can crash F5 BIG-IP and BIG-IP Next Traffic Management Microkernel (TMM) processes via
Traffic Management Microkernel (TMM) crash in F5 BIG-IP versions 16.1.0 through 21.0.0.1 allows unauthenticated remote a
Traffic Management Microkernel (TMM) denial-of-service in F5 BIG-IP DNS affects systems with DNS cache-enabled profiles
F5 BIG-IP Advanced WAF and Application Security Manager (ASM) suffer from a denial-of-service vulnerability when process
Remote memory exhaustion in F5 BIG-IP virtual servers crashes Traffic Management Microkernel when HTTP/2 Layer 7 DoS Pro
Traffic Management Microkernel (TMM) crashes in F5 BIG-IP Virtual Edition and hardware platforms when SSL profiles are c
Remote denial-of-service in F5 BIG-IP allows unauthenticated attackers to crash the Traffic Management Microkernel (TMM)
Traffic Management Microkernel (TMM) in F5 BIG-IP terminates when processing specific traffic against UDP virtual server
Denial of service in F5 BIG-IP virtual servers with SSL profiles allows remote unauthenticated attackers to exhaust conn
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30002
GHSA-543h-qfcx-5xww