Last Modified: Nov 22, 2021
BIG-IP ASM, AVR
Known Affected Versions:
11.5.0, 11.4.0 HF3, 11.3.0 HF6
Opened: May 18, 2013 Severity: 2-Critical
In some cases AVR tries to release the same memory area twice, which leads to memory corruption and tmm crash.
Traffic disrupted while tmm restarts.
There are 2 configurations that can lead to it: 1. Application Dos is used. 2. AVR is used with the option of Max Statistics turned on. In both cases, HTTP responses should be compressed, and some timing issue with regards to compression activity running in parallel to the payload being transferred, can lead to this situation.
If Application Dos is used - there is no workaround. If AVR is used, then disabling the option of "Max Statistics" solves the problem. Run the command: tmsh modify sys db md.enablemaxandglobalhttpstats value 0
Fixed an Application DoS/AVR issue that caused the double release of memory, and possible memory corruption.