What is the severity of F5-K000138932?

The severity of F5-K000138932 is considered critical due to the potential for TMM termination affecting traffic management.

How do I fix F5-K000138932?

To fix F5-K000138932, upgrade to the specified remedial versions: 17.1.2, 16.1.5, or ensure to apply a fix if on the 15.1.x version.

What components are affected by F5-K000138932?

F5-K000138932 affects the SIP application layer gateway (ALG) profile and the Traffic Management Microkernel (TMM) on BIG-IP devices.

What triggers the issue in F5-K000138932?

The issue in F5-K000138932 is triggered by undisclosed traffic when specific ALG profiles are configured on a Message Routing type virtual server.

Are there any workarounds for F5-K000138932?

Currently, there are no effective workarounds for F5-K000138932, so applying the recommended patch is essential.

Vulnerability/
F5-K000138932

high

5/2/2025

F5-K000138932

First published: Wed Feb 05 2025(Updated: )

When the Session Initiation Protocol (SIP) application layer gateway (ALG) profile with Passthru Mode enabled and the SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.

Affected Software	Affected Version	How to fix
F5 BIG-IP	>=17.1.0<=17.1.1	17.1.2
F5 BIG-IP	>=16.1.0<=16.1.4	16.1.5
F5 BIG-IP	>=15.1.0<=15.1.10	-

Never miss a vulnerability like this again

Reference Links

https://my.f5.com/manage/s/article/K000138932

Frequently Asked Questions

What is the severity of F5-K000138932?
The severity of F5-K000138932 is considered critical due to the potential for TMM termination affecting traffic management.
How do I fix F5-K000138932?
To fix F5-K000138932, upgrade to the specified remedial versions: 17.1.2, 16.1.5, or ensure to apply a fix if on the 15.1.x version.
What components are affected by F5-K000138932?
F5-K000138932 affects the SIP application layer gateway (ALG) profile and the Traffic Management Microkernel (TMM) on BIG-IP devices.
What triggers the issue in F5-K000138932?
The issue in F5-K000138932 is triggered by undisclosed traffic when specific ALG profiles are configured on a Message Routing type virtual server.
Are there any workarounds for F5-K000138932?
Currently, there are no effective workarounds for F5-K000138932, so applying the recommended patch is essential.

collector/f5-advisory
source/F5
alias/CVE-2025-20045
agent/software-canonical-lookup
agent/references
agent/source
agent/severity
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/first-publish-date
agent/description
agent/type
agent/event
vendor/f5
canonical/f5 big-ip
version/f5 big-ip/17.1.0
version/f5 big-ip/17.1.1
version/f5 big-ip/16.1.0
version/f5 big-ip/16.1.4
version/f5 big-ip/15.1.0
version/f5 big-ip/15.1.10

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.