Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3
Fixed In:
14.0.0, 13.1.0.4, 12.1.3.6, 11.6.5.1
Opened: Dec 12, 2013
Severity: 2-Critical
If a client reuses the same port that it used for a recently closed connection, the new connection may receive a RST in response to the client's SYN.
New connections reusing a 4-tuple may be reset for a brief period following a connection close.
A client reuses the same port that it used for a recently closed connection. The 4-tuple of local address, local port, remote address, and remote port must be the same to trigger this issue.
Lowering the "Close Wait" and "Fin Wait 1" timeouts in the TCP profile will shorten the amount of time that a particular 4-tuple remains unusable.
Improved abort handling to better clean up hanging connections.
