Bug ID 1024241: Empty TLS records from client to BIG-IP results in SSL session termination

Last Modified: Dec 19, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,

Fixed In:
17.1.1, 16.1.4, 15.1.9

Opened: Jun 09, 2021

Severity: 2-Critical


After client completes TLS handshake with BIG-IP, when it sends an empty TLS record (zero-length cleartext), the client BIG-IP SSL connection is terminated.


SSL connection termination is seen in TLS clients.


This is reported on i7800 which has Intel QAT crypto device The issue was not reported on Nitrox crypto based BIG-IP platforms. Issue is not seen when hardware crypto is disabled.


Disable hardware crypto acceleration.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips