Bug ID 1325145: SSRF DNS Lookup can cause memory leak

Last Modified: Dec 05, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4

Fixed In:
17.1.2

Opened: Jul 26, 2023

Severity: 2-Critical

Symptoms

Memory leak can occur when using SSRF DNS lookup.

Impact

Memory leak can occur leading to less memory available for handling traffic. Bd may crash or be oomkilled. Traffic disrupted while bd restarts.

Conditions

1) SSRF violation is enabled 2) SSRF configuration is present for domain names with action Resolve

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips