Bug ID 701737: apmd may leak memory on destroying Kerberos cache

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,

Fixed In:

Opened: Jan 12, 2018
Severity: 3-Major


ampd leaks memory in AD Query agent.


The ampd leaks memory and might cause unstable behavior. The apmd process, or some other daemon may be killed by OOM killer when it tries to allocate memory.


The leak happens in response to any of the following conditions: -- A Kerberos cache reset is requested (any of the caches - GROUP/PSO/KERBEROS). -- Change to associated AAA AD Server were made and new Access Policy is applied. -- AD Query was not able to make ldap_bind to KDC and the error is NOT a timeout (e.g., invalid administrator password).


There is no workaround at this time.

Fix Information

AD Query agent no longer causes apmd memory leak during group cache update.

Behavior Change