On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-41227 is a high-severity vulnerability in HTTP/2 virtual servers with Layer 7 DoS Protection that allows undisclosed traffic to cause excessive memory consumption, leading to Traffic Management Microkernel process termination. This denial-of-service vulnerability affects F5 BIG-IP systems and can disrupt critical network services.
This vulnerability affects HTTP/2 virtual servers on F5 BIG-IP when Layer 7 DoS Protection is enabled. Undisclosed traffic can cause excessive memory consumption, which leads to the Traffic Management Microkernel process stopping.
This vulnerability impacts HTTP/2 virtual servers with Layer 7 DoS Protection enabled, where specially crafted traffic causes memory exhaustion and TMM process crashes. Organizations running affected F5 BIG-IP versions face potential service disruption and network unavailability.
Upgrade F5 BIG-IP to patched versions that address CVE-2026-41227; disable Layer 7 DoS Protection if immediate patching is not possible; implement network-level rate limiting and traffic filtering; monitor TMM process stability and memory consumption; review and validate HTTP/2 traffic handling configurations.
Upgrade F5 BIG-IP to the patched versions; disable Layer 7 DoS Protection if immediate patching is not possible; apply network-level rate limiting; monitor TMM process stability and memory consumption; review the HTTP/2 traffic handling settings.