Last Modified: Jul 08, 2025
Affected Product(s):
F5OS F5OS-A
Known Affected Versions:
F5OS-A 1.4.0, F5OS-A 1.5.0, F5OS-A 1.5.1, F5OS-A 1.5.2, F5OS-A 1.5.3
Fixed In:
F5OS-A 1.7.0
Opened: Oct 27, 2022 Severity: 1-Blocking
VXLAN-GPE and GENEVE tunnel support can cause host-generated UDP frames with destination ports matching system configured destination ports for VXLAN-GPE or GENEVE to be treated as VXLAN-GPE or GENEVE traffic even if the underlying frame is not VXLAN-GPE or GENEVE. Frames fitting this characteristic may have a bad UDP checksum forced onto the frame if frame fails basic VXLAN-GPE or GENEVE protocol checks.
Minimal.
Administrator configures VXLAN-GPE and/or GENEVE tunnel support.
Tunnels are disable by default. This issue is only observed if tunnels are enabled.
N/A