Bug ID 742627: SSL session mirroring may cause memory leakage if HA channel is down

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Fixed In:
14.1.0, 14.0.0.5, 13.1.1.4

Opened: Sep 04, 2018
Severity: 2-Critical

Symptoms

If SSL session mirroring is enabled, but the HA channel is down, attempts to mirror may result in memory leakage.

Impact

Memory leakage over time resulting in eventual memory pressure leading to performance degradation and possible TMOS restart.

Conditions

- SSL session mirroring enabled - HA channel is down

Workaround

Ensuring that the HA peer is present and connected will avoid the leakage. Otherwise, no reasonable workaround exists short of disabling SSL session mirroring.

Fix Information

SSL session mirroring no longer leaks memory when the HA channel is down.

Behavior Change