Bug ID 458211: EAM core due to memory corruption when cookie length in HTTP request is more than 4095.

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4

Fixed In:
11.6.0, 11.5.1 HF5, 11.4.1 HF6, 11.4.0 HF8, 11.2.1 HF11

Opened: Apr 22, 2014
Severity: 2-Critical
Related AskF5 Article:


EAM module was coring with segmentation fault on malloc failure or SIGABRT while free memory operation. There are multiple repeated core in the customer environment during memory allocation/free operations. This issue will be triggered only when the size of the cookie in the http request is more than 4095. So if the cookie is more than 4095 in length the trailing '\0' corrupts the heap memory. If '\0' overwrites a memory chunk that is already in use, then it might cause an intermittent error like this.


EAM process cored and restarted.


In EAM plugin, when the size of the cookie in OAM http request is more than 4095.


This issue has no workaround at this time.

Fix Information

The EAM module now continues to function correctly when the size of a cookie in the HTTP request is greater than 4095.

Behavior Change