F5 Product Security Update Advisory (CVE-2023-4408)

Mar 26 2024

Overview

An update has been made available to address a vulnerability in F5 products. users of affected versions are advised to update to the latest version.

Affected Products

CVE-2023-4408

BIG-IP (all modules) Versions 17.1.0 through 17.1.1
BIG-IP (all modules) versions 16.1.0 through 16.1.4
BIG-IP (all modules) versions 15.1.0 through 15.1.10
BIG-IQ Centralized Management 8.1.0 through 8.3.0 versions

The `named` DNS message parsing code contains high computational complexity, which can cause excessive CPU load on the `named` instance if it receives a crafted query and response (CVE-2023-4408)

Vulnerability Patches

Vulnerability patches were made available in the March 23, 2024 update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2023-4408

Update as instructed on the Referenced Sites[2]

Referenced Sites

[1] CVE-2023-4408 Detail

https://nvd.nist.gov/vuln/detail/CVE-2023-4408

[2] K000138990: BIND vulnerability CVE-2023-4408

https://my.f5.com/manage/s/article/K000138990?utm_source=f5support&utm_medium=RSS

F5 Product Security Update Advisory (CVE-2023-4408)

Overview

Affected Products

Vulnerability Patches

Referenced Sites

MS Family March 2024 Routine Security Update Advisory

Intel Family (Hardware) March 2024 Security Update Advisory

Overview

Affected Products

Vulnerability Patches

Referenced Sites

Tags:

MS Family March 2024 Routine Security Update Advisory

Intel Family (Hardware) March 2024 Security Update Advisory