Bug ID 1024241: Empty TLS records from client to BIG-IP results in SSL session termination

Last Modified: Feb 02, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,

Opened: Jun 09, 2021
Severity: 2-Critical


After client completes TLS handshake with BIG-IP, when it sends an empty TLS record (zero-length cleartext), the client BIG-IP SSL connection is terminated.


SSL connection termination is seen in TLS clients.


This is reported on i7800 which has Intel QAT crypto device The issue was not reported on Nitrox crypto based BIG-IP platforms. Issue is not seen when hardware crypto is disabled.


Disable hardware crypto acceleration.

Fix Information


Behavior Change