Bug ID 454547: TMM cored after form-based SSO control object is double freed

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4

Fixed In:
11.6.0, 11.5.1 HF5, 11.4.1 HF6, 11.4.0 HF8

Opened: Mar 28, 2014

Severity: 3-Major

Related Article: K16527

Symptoms

TMM was cored due to memory corruption caused by a double free in form based SSO. A forms-based SSO control failing to decrypt could lead to a double free. The decryption failure message is logged in LTM log.

Impact

Traffic disrupted while tmm restarts.

Conditions

Double free and TMM core could happen only if forms-based SSO control failed to decrypt.

Workaround

This issue has no workaround at this time.

Fix Information

Forms - Client Initiated SSO authentication handles decryption failure correctly.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips