Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6
Fixed In:
13.0.0
Opened: Nov 19, 2015 Severity: 4-Minor
Whenever the Luna FIPS card firmware returns any error resulting from an asynchronous request, it sets the status to ERR_HSM_ERROR (0x40000116) and the FIPS driver logs the error. This behavior hides the true fault as there is no indication of the actual error.
The actual error reported by the Luna FIPS device firmware is never logged, preventing analysis of FIPS issues on Luna equipped platforms.
This occurs whenever an error is returned as the result of an asynchronous FIPS request to the Luna FIPS device.
None.
Fixed FIPS module for Luna device to report HSM error when request completion status is ERR_HSM_ERROR and log non-fatal FIPS errors at warning level.