Bug ID 758517: Callback for Diffie Hellman crypto is missing defensive coding

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
15.1.0, 14.1.2.8

Opened: Feb 12, 2019

Severity: 3-Major

Symptoms

Destruction of objects during Diffie Hellman crypto callback does not first check for object validity.

Impact

IPsec tunnels down during tmm core in rare cases.

Conditions

Async callback for Diffie Hellman crypto call when objects no longer look valid.

Workaround

No work around is known at this time.

Fix Information

Add defensive coding to forestall action when objects look invalid.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips