Last Modified: Feb 07, 2024
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
13.1.5, 13.1.5.1, 14.1.5, 14.1.5.1, 14.1.5.2, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 16.1.3, 16.1.3.1, 16.1.3.2, 17.0.0, 17.0.0.1
Fixed In:
17.1.0, 17.0.0.2, 16.1.3.3, 15.1.8.1, 14.1.5.3
Opened: Jun 10, 2022 Severity: 3-Major
REST tokens which are present in /var/run/pamcache on BIG-IP are not deleted after token expiration when there are a large number of tokens.
More memory will be used as /run/pamcache is an in memory filesystem
When a large number of tokens are generated.
Try to remove token files from /run/pamcache manually. You can check what would be deleted by the command below by using -print in place of -delete # find /run/pamcache -regextype posix-extended -type f -regex '/run/pamcache/[A-Z0-9]{26}' -delete Restart httpd processes: bigstart restart httpd
Expired token are removed from /run/pamcache by the BIG-IP system.