Bug ID 1038117: TMM SIGSEGV with BDoS attack signature

Last Modified: Apr 24, 2024

Affected Product(s):
BIG-IP AFM, TMOS(all modules)

Known Affected Versions:
16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,,,, 16.1.4,,,

Fixed In:
17.1.0, 15.1.4

Opened: Aug 02, 2021

Severity: 4-Minor


TMM core dumped with segmentation fault showing the below stack. Sometimes the crash stack might be different possibly due to memory corruption caused by the stale BDoS entries in sPVA temp table. #0 0x00007fbb0f05fa01 in __pthread_kill (threadid=?, signo=signo@entry=11) at ../nptl/sysdeps/unix/sysv/linux/pthread_kill.c:61 #1 0x0000000001587e86 in signal_handler (signum=11, info=0x400a254018f0, ctx=0x400a254017c0) at ../kern/sys.c:3837 #2 <signal handler called> #3 __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:164 #4 0x000000000156319b in spva_search_temp_table (p_arg=<synthetic pointer>, spva=0x400a25401e70) at ../base/tmm_spva.c:1827 #5 spva_dyentries_ack_nack_response (status=SPVA_STATUS_SUCCESS, spva=0x400a25401e70) at ../base/tmm_spva.c:1872 #6 spva_read (status=SPVA_STATUS_SUCCESS, spva=...) at ../base/tmm_spva.c:1560


Traffic disrupted while tmm restarts.


BDoS enabled. The Dynamic BDoS signature created, attack detected, and signature is offloaded to hardware.


Disable BDoS.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips