Out of Memory (OOM) Condition and Memory Leak Observed After Upgrade in CA Strong Authentication 9.1.5
search cancel

Out of Memory (OOM) Condition and Memory Leak Observed After Upgrade in CA Strong Authentication 9.1.5

book

Article ID: 416856

calendar_today

Updated On:

Products

CA Strong Authentication

Issue/Introduction

After upgrading to CA Strong Authentication 9.1.5, customers observed a gradual and continuous increase in RAM utilization by the arwfserver.real process. Over time, memory usage grows until it reaches system limits, triggering OutOfMemory (OOM) errors and process termination by the Linux kernel.

The memory growth is visible in monitoring tools such as Checkmk or system resource monitors. Once the process is killed, the system recovers temporarily, but the issue recurs after restart.

Symptoms:

  • Continuous increase in RAM consumption by arwfserver.real.

  • Gradual reduction in available memory (~1% every 3–4 hours).

  • Eventually triggers OutOfMemory (OOM) condition.

  • Process arwfserver.real terminated automatically by the kernel.

  • No corresponding detailed errors in product logs.

Environment

 

  • Product: CA Strong Authentication

  • Version: 9.1.5

  • Operating System: RHEL 7.4

  • Database: External Oracle Database

 

 

Cause

Engineering analysis confirmed that the OOM condition was caused by a memory leak in specific request-handling flows within the Strong Authentication service.
The issue occurs due to improper memory release during certain authentication and session management operations.

Resolution

A hotfix patch has been developed by the Broadcom Engineering team to address the memory leak issue.

Fix details:

  • Patch Name: Symantec-StrongAuthentication-9.1.5-DE643630-DE637554-hotfix

  • Contents:

    • Updated binaries to correct memory handling logic in arwfserver.real.

    • Associated release notes with detailed application instructions.

The release notes contain step-by-step installation instructions and post-deployment validation steps.

Action Plan:

  1. Obtain the patch package and release notes from Broadcom Support by opening a new case.

  2. Apply the hotfix in a non-production environment first to validate.

  3. Monitor memory usage for at least 48 hours using your standard monitoring tools.

  4. Once confirmed stable, deploy the patch in the production environment.

Verification:

Post-implementation, RAM utilization by the arwfserver.real process should remain stable over extended runtime without progressive memory growth.
Customers should also observe the elimination of OOM events in /var/log/messages or dmesg.

Status:

Fix Released
Patch: Symantec-StrongAuthentication-9.1.5-DE643630-DE637554-hotfix
Availability: On-demand via Broadcom Support

Powered by Wolken Software