Bug ID 773821: Certain plaintext traffic may cause SSLO to hang

Last Modified: Jul 03, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 15.0.0

Opened: Apr 18, 2019
Severity: 3-Major

Symptoms

SSLO relies on SSL hudfilter to detect non-SSL traffic; but certain plaintext can be mistaken as SSL traffic, which can cause a hang.

Impact

SSLO hangs, unable to bypass traffic.

Conditions

Initial plaintext traffic resembles SSLv2 hello message or has less than enough bytes for SSL to process.

Workaround

None.

Fix Information

None

Behavior Change