CVE-2020-5926 - Improper Resource Shutdown or Release

Severity

75%

Complexity

39%

Confidentiality

60%

In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, a BIG-IP virtual server with a Session Initiation Protocol (SIP) ALG profile, parsing SIP messages that contain a multi-part MIME payload with certain boundary strings can cause TMM to free memory to the wrong cache.

CVSS 3.1 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Demo Examples

Improper Resource Shutdown or Release

CWE-404

The following method never closes the file handle it opens. The Finalize() method for StreamReader eventually calls Close(), but there is no guarantee as to how long it will take before the Finalize() method is invoked. In fact, there is no guarantee that Finalize() will ever be invoked. In a busy environment, this can result in the VM using up all of its available file handles.


               
}
}
processLine(line);

Improper Resource Shutdown or Release

CWE-404

This code attempts to open a connection to a database and catches any exceptions that may occur.


               
}
Connection con = DriverManager.getConnection(some_connection_string);
log( e );

If an exception occurs after establishing the database connection and before the same connection closes, the pool of database connections may become exhausted. If the number of available connections is exceeded, other users cannot access this resource, effectively denying access to the application.

Improper Resource Shutdown or Release

CWE-404

Under normal conditions the following C# code executes a database query, processes the results returned by the database, and closes the allocated SqlConnection object. But if an exception occurs while executing the SQL or processing the results, the SqlConnection object is not closed. If this happens often enough, the database will run out of available cursors and not be able to execute any more SQL queries.


               
...

Improper Resource Shutdown or Release

CWE-404

The following C function does not close the file handle it opens if an error occurs. If the process is long-lived, the process can run out of file handles.


               
}

                     
return DECODE_SUCCESS;
return DECODE_FAIL;

                           
}
}
return DECODE_FAIL;
decodeBlock(buf);

Improper Resource Shutdown or Release

CWE-404

In this example, the program does not use matching functions such as malloc/free, new/delete, and new[]/delete[] to allocate/deallocate the resource.


               
}
void foo();
delete ptr;

Improper Resource Shutdown or Release

CWE-404

In this example, the program calls the delete[] function on non-heap memory.


               
}
void foo(bool);
delete[] p;
11,22
p = new int[2];

Overview

Type

F5

First reported 4 years ago

2020-08-26 16:15:00

Last updated 4 years ago

2020-09-02 16:16:00

Affected Software

F5 Big-IP Access Policy Manager (APM)

F5 Big-IP Advanced Firewall Manager (AFM)

F5 Big-IP Analytics

F5 Big-IP Application Acceleration Manager (AAM)

F5 Big-IP Application Security Manager (ASM)

F5 Big-IP Domain Name System (DNS)

F5 Big-IP Fraud Protection Service (FPS)

F5 Big-IP Global Traffic Manager (GTM)

F5 Big-IP Link Controller

F5 Networks Big-IP Local Traffic Manager (LTM)

F5 Big-IP Policy Enforcement Manager (PEM)

References

https://support.f5.com/csp/article/K42830212

https://support.f5.com/csp/article/K42830212

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.