Bug ID 436394: Possible crash of tmm when loading an ltm policy that has conditions with numeric parameters

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
11.4.0, 11.4.1

Fixed In:
11.6.0, 11.4.1 HF2

Opened: Nov 03, 2013
Severity: 3-Major

Symptoms

Under certain circumstances, while processing a configuration update to an ltm policy which contains a doncition with a numeric arguments (e.g. 'index'), the tmm could write a byte just beyond the boundary of an allocated buffer. This could cause tmm to crash while perfoming a subsequent memory allocation.

Impact

When this condition is hit tmm continuously crashes as it reads its configuration. Traffic disrupted while tmm restarts.

Conditions

This crash rarely happens, but when it does, it does so consistently. The problem is related to numeric parameters added to conditions.

Workaround

If possible remove the numeric parameters to the action.

Fix Information

The condition which could cause memory corruption in tmm on loading a policy which contains conditions with numeric parameters has been fixed.

Behavior Change