Last Modified: Feb 03, 2026
Affected Product(s):
BIG-IP APM
Known Affected Versions:
17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3, 17.1.3.1
Fixed In:
17.5.1.4
Opened: Oct 15, 2024 Severity: 4-Minor
-- The aced process may exhaust available file descriptors over time when using SecurID authentication -- Users are unable to authenticate using RSA SecurID -- Complete APM service outage with "Too many open files" errors in /var/log/apm -- aced process may core and restart
-- Complete APM service outage. -- All VPN clients unable to establish connections -- SecurID authentication failures. -- Service becomes unstable and stops processing authentication requests.
-- BIG-IP APM system configured with SecurID authentication -- aced process runs for extended periods (typically weeks) -- Authentication failures or connection issues between APM and SecurID server may accelerate the issue.
Restart the aced process: bigstart restart aced. Perform system failover to restore service temporarily.
The aced daemon now properly cleans up file descriptors (sockets) created during SecurID authentication requests, particularly during error scenarios such as authentication failures. This prevents file descriptor exhaustion that previously caused the aced process to crash and resulted in complete APM service outages.