Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.5.2, 11.5.3, 11.6.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0, 11.6.1, 11.5.4
Opened: Nov 16, 2014 Severity: 2-Critical Related Article:
K92821195
When multiple concurrent attempts are made to access a resource protected by APM, one of these attempts proceeds to policy execution and the rest get a message stating that session evaluation is in progress. The page that delivers this message has a unique identifier in the URL that causes the caching of this page to be ineffective. Multiple cache entries are created and these entries present themselves as a leak.
A memory leak occurs.
Use of APM. Multiple concurrent accesses to a resource protected by a virtual server with an APM profile attached. Note that no prior established sessions must exist for that client for this to happen.
None.
The APM page caching now omits the unique identifier in the key. As a result, a single page, or a small fixed number of pages, can serve a multitude of clients without an increase in memory usage.