Last Modified: May 05, 2026
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 15.1.10.7, 15.1.10.8, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 16.1.6, 16.1.6.1, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3, 17.1.3.1, 17.5.0, 17.5.1, 17.5.1.2, 17.5.1.3, 17.5.1.4, 17.5.1.5, 17.5.1.6
Fixed In:
17.1.3.2
Opened: Mar 04, 2025 Severity: 3-Major
A memory leak develops on the standby device but may persist on the active device. Restjavad may fail and restart with a similar error to the following log snippet (in /var/log/restjavad.0.log if failure is recent): 'DieOnUncaughtErrorHandler Uncaught Error causing restjavad to exit.' It may also trigger frequent CPU intensive garbage collection such as many invocations of 'Full GC'. These will not be able to clear the memory, and that may be observable in GC logs as only small drops in restjavad heap size when Full GC runs. Restart of restjavad may not clear the issue fully or for long. Issue may persist after upgrade. /var/log/restjavad-api-usage.json has a large file size. Typically it will be tens of Kilobytes before leak develops and eventually grow to Megabytes or tens of MB.
Restjavad exits and restarts, perhaps repeatedly. High CPU use due to frequent intensive garbage collection may occur.
Restjavad that fails or exhibits issues will have had a long time as standby in a HA cluster, but may not be standby at time of failure.
See K000153118: Procedure to clear restjavad API statistics memory leak, ID 1826505 https://my.f5.com/manage/s/article/K000153118 This procedure should have a low impact if your environment does not require constant availability of REST API. For systems that are more dependent on REST API availability such as SSL Orchestrator, you may want to restrict this to a maintenance window.
Restjavad API usage statistics data is now reset after each periodic save and is no longer loaded from disk on startup. This prevents unbounded memory growth from accumulating transient API statistics entries over time.