Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4
Fixed In:
14.1.0, 14.0.0.5, 13.1.1.4
Opened: Sep 04, 2018 Severity: 2-Critical
If SSL session mirroring is enabled, but the HA channel is down, attempts to mirror may result in memory leakage.
Memory leakage over time resulting in eventual memory pressure leading to performance degradation and possible TMOS restart.
- SSL session mirroring enabled - HA channel is down
Ensuring that the HA peer is present and connected will avoid the leakage. Otherwise, no reasonable workaround exists short of disabling SSL session mirroring.
SSL session mirroring no longer leaks memory when the HA channel is down.