Operational Defect Database
BugZero found this defect 501 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 1103369
DELETE of REST Auth token does not result in deletion of the pamcache token file on a multi-slot VIPRION chassis, vCMP guest, or VELOS tenant
Last update date:
5/3/2024
Affected products:
BIG-IP
BIG-IP TMOS
Affected releases:
13.1.5
13.1.5.1
14.1.4.6
14.1.5
14.1.5.1
14.1.5.2
15.1.5.1
15.1.6
15.1.6.1
15.1.7
15.1.8
16.1.2.2
Fixed releases:
17.1.0
17.0.0.2
16.1.3.3
15.1.8.1
14.1.5.3
Description:
Bug ID 1103369: DELETE of REST Auth token does not result in deletion of the pamcache token file on a multi-slot VIPRION chassis, vCMP guest, or VELOS tenant ... The REST tokens are not deleted from cache /var/run/pamcache when the tokens are expired or deleted. ... Impact ... The deleted token continue to be available in the cache. ... Memory is consumed as cache is stored in an in-memory filesystem. ... Workaround ... First take immediate action to recover memory by removing stale tokens and restarting affected processes. ... This should be done to free memory, even if planning to update software to prevent reoccurrence. ... Remove token files from /run/pamcache manually. ... This may have minor impact to REST API use causing a REST user to need to reauthenticate. ... Execute the following command by using -print instead of -delete to verify the tokens to be deleted (recommended to not use clsh): # clsh "find /run/pamcache -regextype posix-extended -type f -regex '/run/pamcache/[A...
