Bug ID 650319: pkcs11d restart due to the leakage of file descriptors with unsupported Thales client 11.5

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Opened: Mar 10, 2017

Severity: 4-Minor

Symptoms

BIG-IP is leaking file descriptors. After reaching the limit, one needs to restart pkcs11d to make it work again.

Impact

BIG-IP is leaking file descriptors and after reaching the limit one needs to restart pkcs11d to make it working again.

Conditions

1. Access to Thales netHSM changes from accepted to denied. 2. LTM uses Thales software version 11.50.

Workaround

Use the supported version combination as stated at https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/f5-thales-hsm-version-interoperability-matrix.html

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips