Last Modified: Mar 30, 2024
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5
Fixed In:
16.1.4, 15.1.10
Opened: Feb 02, 2023 Severity: 2-Critical
The tmm process restarts after logging the following message to /var/log/tmm*: notice panic: iked/isakmp.c:2338: Assertion "Invalid policy remote index" failed.
Unexpected high availability (HA) failover, or interruption to traffic processing on a standalone unit, while the tmm process restarts.
May occur during an SA deletion or an update of IPsec configuration.
None
When the remote index is null, the system gracefully fails the init packet creation. Continuous traffic to the BIG-IP system retriggers the tunnel, and the IPsec config will be updated by then.