Bug ID 979045: The tpm-status-check service shows System Integrity Status: Invalid when Engineering Hotfix installed on certain platforms

Last Modified: Sep 29, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2

Opened: Jan 06, 2021
Severity: 2-Critical

Symptoms

After installing an Engineering Hotfix version of BIG-IP v14.1.0 or later, certain BIG-IP hardware systems. The Trusted Platform Module (TPM), status is showing as INVALID.

Impact

The TPM status INVALID indicates that the system integrity is compromised when it is actually valid.

Conditions

This may occur: -- Running BIG-IP v14.1.0 or later. -- Using Engineering Hotfixes containing fixes for the following bugs: - ID893885 (https://cdn.f5.com/product/bugtracker/ID893885.html) - ID946745 (https://cdn.f5.com/product/bugtracker/ID946745.html) - ID963017 (https://cdn.f5.com/product/bugtracker/ID963017.html) -- The issue is observed only on the following platforms: - i11600 / i11800 - i11400-DS / i11600-DS / i11800-DS

Workaround

None.

Fix Information

None

Behavior Change