Last Modified: Oct 17, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
17.5.0, 17.5.1, 17.5.1.2, 17.5.1.3
Opened: Jul 29, 2025 Severity: 3-Major
The TMM core backtrace shows a SIGSEGV in saml_sso_from_assigned_resources_and_profile, specifically a memcmp() call with a NULL meta_data pointer. The underlying issue appears to be a race condition or logic error where a decompress callback is triggered after the SSO state (metadata) has already been freed, possibly due to concurrent handling of decompress operations and redirect responses.
Traffic disrupted while tmm and apmd restarts.
SAMl SSO is configured
None
None