Last Modified: Oct 19, 2025
Affected Product(s):
F5OS F5OS-A
Known Affected Versions:
F5OS-A 1.8.0
Fixed In:
F5OS-A 1.8.3
Opened: Dec 03, 2024 Severity: 3-Major
F5OS stores the encryption key in the hardware TPM module. This is used to encrypt and decrypt sensitive data in the database, and is read at system startup and periodically during normal execution (during "key migrations"). If there is an issue reading the key from the TPM, a new key will be generated and store it in the TPM. The problem is that the database is still encrypted using the old key, and as soon as the system restarts it will run into errors when attempting to decrypt using the new key.
System encryption key gets corrupted.
Issue is observed intermittently when TPM module encounters ownership contention.
None
The symptom causing the tpm ownership has been fixed and removed unnecessary ownership calls.