Bug ID 758517: Callback for Diffie Hellman crypto is missing defensive coding

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
15.1.0, 14.1.2.8

Opened: Feb 12, 2019
Severity: 3-Major

Symptoms

Destruction of objects during Diffie Hellman crypto callback does not first check for object validity.

Impact

IPsec tunnels down during tmm core in rare cases.

Conditions

Async callback for Diffie Hellman crypto call when objects no longer look valid.

Workaround

No work around is known at this time.

Fix Information

Add defensive coding to forestall action when objects look invalid.

Behavior Change