Bug ID 515543: IPsec manual security associations can crash tmm on null lifetime pointers

Last Modified: Mar 21, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4

Fixed In:
12.0.0

Opened: Mar 31, 2015
Severity: 3-Major

Symptoms

Because manual security associations (SAs) are defined to live forever, there is no way to configure a lifetime for it. Because of the resulting absence of a lifetime object, the system might crash on a null pointer.

Impact

Tmm restarts after core, interrupting traffic and tunnels.

Conditions

When manual SAs are created.

Workaround

There is no workaround at this time.

Fix Information

The system now correctly handles lack of lifetime info for manual SAs.

Behavior Change