diff --git a/mem/shm_mem.c b/mem/shm_mem.c
index de78213aaed..5b6a0cf4e0f 100644
--- a/mem/shm_mem.c
+++ b/mem/shm_mem.c
@@ -254,5 +254,13 @@ void shm_mem_destroy(void)
 #endif
 }
 
+inline unsigned long safe_shm_available()
+{
+	unsigned long ret;
+	shm_lock();
+	ret = shm_available();
+	shm_unlock();
+	return ret;
+}
 
 #endif
diff --git a/mem/shm_mem.h b/mem/shm_mem.h
index eadccb54edf..97032d45f1b 100644
--- a/mem/shm_mem.h
+++ b/mem/shm_mem.h
@@ -312,6 +312,11 @@ do{\
 
 #endif /* ! SHM_SAFE_MALLOC */
 
+/* multi-process safe version of shm_available()
+ */
+inline unsigned long safe_shm_available();
+
+
 #endif /* shm_mem_h */
 
 #endif /* SHM_MEM */
diff --git a/modules/tls/tls_server.c b/modules/tls/tls_server.c
index 1d861405357..be020ece447 100644
--- a/modules/tls/tls_server.c
+++ b/modules/tls/tls_server.c
@@ -59,10 +59,10 @@ int tls_run_event_routes(struct tcp_connection *c);
 /* low memory treshold for openssl bug #1491 workaround */
 #define LOW_MEM_NEW_CONNECTION_TEST() \
 	(cfg_get(tls, tls_cfg, low_mem_threshold1) && \
-	  (shm_available() < cfg_get(tls, tls_cfg, low_mem_threshold1)))
+	  (safe_shm_available() < cfg_get(tls, tls_cfg, low_mem_threshold1)))
 #define LOW_MEM_CONNECTED_TEST() \
 	(cfg_get(tls, tls_cfg, low_mem_threshold2) && \
-	  (shm_available() <  cfg_get(tls, tls_cfg, low_mem_threshold2)))
+	  (safe_shm_available() <  cfg_get(tls, tls_cfg, low_mem_threshold2)))
 
 #define TLS_RD_MBUF_SZ	65536
 #define TLS_WR_MBUF_SZ	65536