Cisco Blog » The Platform

Monday, June 1, 2015

Cisco Notification Alert - Cisco 3900 Series Router - 01-Jun-2015 17:10 GMT

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3925E Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.3M1
Alert Type:
Software Advisory
File Name:
c3900e-universalk9-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL

Software Advisory Date:
04-MAY-2015
Alert Type:
Software Advisory
File Name:
c3900e-universalk9_npe-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL - NO PAYLOAD ENCRYPTION

Software Advisory Date:
04-MAY-2015

Software Updates for 3900 Series Integrated Services Routers

Alert Type:
New Release
Product Name:
3925E Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.1T4
Release Date:
26-MAY-2015
Find additional information in Software Downloads index.

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3945E Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.3M1
Alert Type:
Software Advisory
File Name:
c3900e-universalk9_npe-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL - NO PAYLOAD ENCRYPTION

Software Advisory Date:
04-MAY-2015
Alert Type:
Software Advisory
File Name:
c3900e-universalk9-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL

Software Advisory Date:
04-MAY-2015

Software Updates for 3900 Series Integrated Services Routers

Alert Type:
New Release
Product Name:
3945E Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.1T4
Release Date:
26-MAY-2015
Find additional information in Software Downloads index.

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3925 Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.3M1
Alert Type:
Software Advisory
File Name:
c3900-universalk9-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL

Software Advisory Date:
04-MAY-2015
Alert Type:
Software Advisory
File Name:
c3900-universalk9_npe-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL - NO PAYLOAD ENCRYPTION

Software Advisory Date:
04-MAY-2015

Software Updates for 3900 Series Integrated Services Routers

Alert Type:
New Release
Product Name:
3925 Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.1T4
Release Date:
26-MAY-2015
Find additional information in Software Downloads index.

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3925E Integrated Services Router
Software Type:
Cisco Network Assistant
Release Version:
6.2.0
Alert Type:
New File
File Name:
cna-mac-k9-installer-6-2-0-en.zip
File Description:

Network Assistant English Mac Installer

File Release Date:
27-MAY-2015
Alert Type:
New File
File Name:
cna-windows-k9-installer-6-2-0-en.exe
File Description:

Network Assistant English Installer

File Release Date:
27-MAY-2015
Find additional information in Software Downloads index.

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3945E Integrated Services Router
Software Type:
Cisco Network Assistant
Release Version:
6.2.0
Alert Type:
New File
File Name:
cna-windows-k9-installer-6-2-0-en.exe
File Description:

Network Assistant English Installer

File Release Date:
27-MAY-2015
Alert Type:
New File
File Name:
cna-mac-k9-installer-6-2-0-en.zip
File Description:

Network Assistant English Mac Installer

File Release Date:
27-MAY-2015
Find additional information in Software Downloads index.

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3945 Integrated Services Router
Software Type:
Cisco Network Assistant
Release Version:
6.2.0
Alert Type:
New File
File Name:
cna-windows-k9-installer-6-2-0-en.exe
File Description:

Network Assistant English Installer

File Release Date:
27-MAY-2015
Alert Type:
New File
File Name:
cna-mac-k9-installer-6-2-0-en.zip
File Description:

Network Assistant English Mac Installer

File Release Date:
27-MAY-2015
Find additional information in Software Downloads index.

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3925 Integrated Services Router
Software Type:
Cisco Network Assistant
Release Version:
6.2.0
Alert Type:
New File
File Name:
cna-mac-k9-installer-6-2-0-en.zip
File Description:

Network Assistant English Mac Installer

File Release Date:
27-MAY-2015
Alert Type:
New File
File Name:
cna-windows-k9-installer-6-2-0-en.exe
File Description:

Network Assistant English Installer

File Release Date:
27-MAY-2015
Find additional information in Software Downloads index.

Software Updates for 3900 Series Integrated Services Routers

Alert Type:
New Release
Product Name:
3945 Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.1T4
Release Date:
26-MAY-2015

Software Updates for 3900 Series Integrated Services Routers

Product Name:
3945 Integrated Services Router
Software Type:
IOS Software
Release Version:
15.4.3M1
Alert Type:
Software Advisory
File Name:
c3900-universalk9_npe-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL - NO PAYLOAD ENCRYPTION

Software Advisory Date:
04-MAY-2015
Alert Type:
Software Advisory
File Name:
c3900-universalk9-mz.SPA.154-3.M1.bin
File Description:

UNIVERSAL

Software Advisory Date:
04-MAY-2015
Find additional information in Software Downloads index.

Known Bugs - 3900 Series Integrated Services Routers

Bug Id:
CSCuj20376
Title:
"vstack download-image tar flash1:" cause router gets crash
Description:

Symptom: Cisco router crashes due to "vstack download-image tar flash1:".
Conditions: This symptom is observed when "vstack download-image tar flash1:" causes router to crash with GCC compiler image.
Workaround: There is no workaround.

Status:
Fixed
Severity:
2 Severe
Last Modified:
04-MAY-2015
Known Affected Releases:
15.4(0.17)T
Known Fixed Releases:
15.3(3)JA1, 15.3(3)JA1m, 15.3(3)JA2, 15.3(3)JA3, 15.3(3)JN4, 15.3(3)JNB, 15.3(3)JNB1, 15.3(3)M2.2, 15.3(3)M3, 15.3(3)M4
Bug Id:
CSCuq80985
Title:
Traceback seen at AFW_Snr_IsSipSnr
Description:

Symptom:
CME crashes intermittently

Conditions:
SNR configured on SIP CME

Workaround:
NONE

Further Problem Description:
NONE

Status:
Fixed
Severity:
2 Severe
Last Modified:
05-MAY-2015
Known Affected Releases:
15.2TPI19
Known Fixed Releases:
15.3(3)S5.9, 15.5(1.10.1)GB, 15.5(1.13)S, 15.5(1.7)T, 15.5(2)S
Bug Id:
CSCul83183
Title:
Router 3900e may reload unexpectedly
Description:

Symptom:
A 3900e router may reload unexpectedly. A crashinfo file will be written on the local file system.

------------------ show flash0: all ------------------

-#- --length-- -----date/time------ path

12 302357 Jan 22 2014 13:11:58 -07:00 crashinfo_20140122-131158-MST

Conditions:
This defect only impacts 3925e or 3945e routers due to their processing architecture. Other platforms such as 19xx, 29xx, 3925 and 3945 are not vulnerable.

The following message may be seen on the crashinfo files or logs prior to the reload.

%SYS-3-MGDTIMER: Timer has parent, timer link, timer = XXXXXXXX. -Process= "", ipl= x, pid= xxx
-Traceback= XXXXXXXz XXXXXXXz XXXXXXXz XXXXXXXz

The IOS process named in the message is not what causes the failure; any routine (including but not limited to IPv6, IP SNMP, ADJ resolve process and VRRS Main thread) may appear.

Workaround:
- Remove BFD configuration
- Upgrade to the IOS releases listed on the "Known Fixed Releases" from CSCul03432.
https://tools.cisco.com/bugsearch/bug/CSCul03432/?reffering_site=dumpcr

Further Problem Description:

Status:
Other
Severity:
2 Severe
Last Modified:
05-MAY-2015
Known Affected Releases:
15.2(4)M4.5
Known Fixed Releases:
Bug Id:
CSCuj14595
Title:
Memory leak in CCSIP_TCP_SOCKET
Description:

Symptom: A Cisco 3945 voice gateway running Cisco IOS Release 15.2(4)M3 or Cisco IOS Release 15.2(4)M4 may have a processor pool memory leak in the CCSIP_TCP_SOCKET process.
Conditions: This symptom is seen on slow TCP connections, where the response is slow and frequent transmission errors are observed.
Workaround: There is no workaround.

Status:
Fixed
Severity:
2 Severe
Last Modified:
06-MAY-2015
Known Affected Releases:
15.2(4)M4.3
Known Fixed Releases:
15.2(4)GC3, 15.2(4)M6.3, 15.2(4)M7, 15.2(4)S5.13, 15.2(4)S6, 15.3(3)M3.2, 15.3(3)M4, 15.3(3)S3.4, 15.3(3)S4, 15.4(2.14)T
Bug Id:
CSCuq12079
Title:
MRCP_CLIENT memory leak
Description:

Symptom:
Memory leak in MRCP_CLIENT Process

Conditions:
Unknown at this time

Workaround:
none

Further Problem Description:

Status:
Other
Severity:
2 Severe
Last Modified:
07-MAY-2015
Known Affected Releases:
15.2(4)M3.11
Known Fixed Releases:
Bug Id:
CSCuo00091
Title:
ISM: No Packets encrypted: IP PKT Exception increasing
Description:

Symptom:
ISM does not encrypt data (encaps counter is 0 in "show crypto ipsec sa")
Issue is seen in post 15.2(4)M5.4 (including M6) versions.

Conditions:
ISM is used.

Workaround:
Use onboard crypto

Further Problem Description:

Status:
Other
Severity:
2 Severe
Last Modified:
08-MAY-2015
Known Affected Releases:
15.2(4)M6
Known Fixed Releases:
Bug Id:
CSCut78892
Title:
[PI28] Router crash while unconfiguring DMVPN tunnel
Description:

Symptom:
Router crash and reload while unconfiguring

Conditions:
While unconfiguring DMVPN tunnel

Workaround:
NA

Further Problem Description:

Status:
Fixed
Severity:
1 Catastrophic
Last Modified:
08-MAY-2015
Known Affected Releases:
15.5(3)M
Known Fixed Releases:
15.4(3)M2.2, 15.5(2.14)T, 15.5(2.14.1)PIH28
Bug Id:
CSCuq72859
Title:
Profile C performance degradation in 3945e and 3925e intel platforms
Description:

Symptom:
Lower performance with all monitors enabled and NBAR based QoS on 3900e platforms

Conditions:
all AVC EzPM monitors enabled and NBAR based QoS traffic condition

Workaround:
None

Further Problem Description:

Status:
Terminated
Severity:
2 Severe
Last Modified:
08-MAY-2015
Known Affected Releases:
15.4(3)M
Known Fixed Releases:
Bug Id:
CSCua38876
Title:
Crash after VPN_HW-1-PACKET_ERROR
Description:

Symptoms: Router is forced to reload after a few minutes of passing traffic
through VPN tunnels.

Conditions: The symptom is observed with a tunnel protection configuration when
an ISM-VPN module is enabled.

Workaround: Disable ISM-VPN crypto-engine module.


Status:
Other
Severity:
2 Severe
Last Modified:
08-MAY-2015
Known Affected Releases:
15.2(2)T1
Known Fixed Releases:
Bug Id:
CSCuq72954
Title:
Coarse Grain monitor performance degradation in 3945e and 3925e platform
Description:

Symptom:
Performance lower for CG monitors on 3925e and 3945e platforms

Conditions:
Reduced performance with NBAR based Qos and AVC CG

Workaround:
None

Further Problem Description:

Status:
Terminated
Severity:
2 Severe
Last Modified:
11-MAY-2015
Known Affected Releases:
15.4(3)M
Known Fixed Releases:
Bug Id:
CSCus89791
Title:
g722-64 codec crash during dial tone with country code
Description:

Symptom:
Router gateway may crash with the g722-64 codec when processing country codes.

Conditions:
g722-64 codec must be configured. This issue is still under investigation

Workaround:
Remove g722-64 if possible.

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
12-MAY-2015
Known Affected Releases:
15.3(3)M4
Known Fixed Releases:
15.3(3)S5.7, 15.4(3)M2.1, 15.4(3)S2.7, 15.5(1)S1.1, 15.5(1)T1.1, 15.5(2)S0.6, 15.5(2.14)S, 15.5(2.6)T
Bug Id:
CSCtz22112
Title:
VXML gateway crash when trying to access a URL.
Description:

Symptoms: A VXML gateway may crash while parsing through an HTTP packet that
contains the "HttpOnly" field:

//324809//HTTPC:/httpc_cookie_parse: * cookie_tag=' HttpOnly'
//324809//HTTPC:/httpc_cookie_parse: ignore unknown attribute: HttpOnly

Unexpected exception to CPU: vector D, PC = 0x41357F8

Note: The above log was captured with "debug http client all" enabled to
generate additional debugging output relevant to HTTP packet handling.

Conditions: The symptom is observed when an HTTP packet with the "HttpOnly"
field set is received.

Workaround: There is no workaround.



Status:
Fixed
Severity:
2 Severe
Last Modified:
13-MAY-2015
Known Affected Releases:
15.1(3.22)T
Known Fixed Releases:
15.1(4)M5.14, 15.1(4)M6, 15.1(4)M7, 15.1(4)M8, 15.1(4)M9, 15.2(2.19)S0.7, 15.2(3.16)T, 15.2(3.30)PIP, 15.2(4)GC, 15.2(4)GC1
Bug Id:
CSCtj79480
Title:
High CPU due to interrupts in time_it
Description:

Symptom:
High CPU usage due to time_it (in interrupts).

Conditions:
The conditions are undetermined at this time.

Workaround:
Reload the router; the CPU usage goes down for a certain time.

Further Problem Description:

Status:
Terminated
Severity:
2 Severe
Last Modified:
14-MAY-2015
Known Affected Releases:
15.1(1)T1
Known Fixed Releases:
Bug Id:
CSCut62573
Title:
Delay in ip sla start-time day by day
Description:

Symptom:
Delay will happen on ip sla start-time day by day

Conditions:
1. The router is synced to an NTP server
2. ip sla is configured with another router
3. ip sla start-time is set

Workaround:
none

Further Problem Description:

Status:
Open
Severity:
2 Severe
Last Modified:
15-MAY-2015
Known Affected Releases:
15.3(3)M4.2
Known Fixed Releases:
Bug Id:
CSCut85312
Title:
H245 accessing free chunk
Description:

Symptom:
Hw sw
c3900-universalk9-mz.SPA.152-4.M7.bin
CISCO3925

Conditions:
None

Workaround:
None

Further Problem Description:

Status:
Open
Severity:
2 Severe
Last Modified:
18-MAY-2015
Known Affected Releases:
15.2(4)M7.1
Known Fixed Releases:
Bug Id:
CSCus30128
Title:
RRI dynamic L2L after client change ip address Ipsec rekey lost routes
Description:

Symptom:
Dynamic L2L IPsec VPN; the client uses PPPoE to connect to the Internet.
The client's PPPoE session disconnects and the client gets a new IP address.
On the hub, when the SPI lifetime for the old address is reached and the SPI is deleted, the RRI route is deleted as well.
When the new SPI lifetime is reached and IPsec rekeys, the RRI route is added and then very quickly deleted.

Conditions:
The issue occurs when the remote router changes its IP address but the hub still has the old SPI information.

Workaround:
Manually add a static route for the RRI entry.

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
19-MAY-2015
Known Affected Releases:
15.2(4)M6.1
Known Fixed Releases:
15.5(1)S1.1, 15.5(1)SN1, 15.5(1)T1, 15.5(2)S0.8, 15.5(2.14)S
Bug Id:
CSCut34058
Title:
Memory Fragment on SM-X-1T3/E3= with Serial Background process
Description:

Symptom:
The following memory log message starts to appear again and again:

035167: Feb 17 10:01:13.316 CST: %SYS-2-MALLOCFAIL: Memory allocation of 10060 bytes failed from 0x358708, alignment 32
Pool: I/O Free: 1642352 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Serial Background", ipl= 4, pid= 43
-Traceback= 19E5889z 31B9D78z 31B9529z 358708z 354B50z 358D24z 36385Cz 3637D9z 2EFF3A3z


The process consuming the memory is Serial Background

After the decode of the traceback we noticed that the card "SM-X-1T3/E3=" appears on it:

0x36385C:__be_sm_1t3e3_serial_set_idle_character_mode(0x3637f4)+0x68
0x3637D9:__be_sm_1t3e3_serial_reset_wrapper(0x3637ba)+0x1f

Conditions:
The device must have the SM-X-1T3/E3= card.

Workaround:
None

Further Problem Description:

Status:
Open
Severity:
2 Severe
Last Modified:
19-MAY-2015
Known Affected Releases:
15.3(3)M4
Known Fixed Releases:
Bug Id:
CSCun88463
Title:
Router reload due to memory corruption with IP SLA
Description:

Symptom:
A router may reload unexpectedly. Chunk corruption error messages may be observed, similar to the following:

Mar 23 17:58:00.183: %SYS-2-CHUNKBADMAGIC: Bad magic number in chunk header, chunk 25946BCC data 26F39424 chunkmagic 0 chunk_freemagic EF4321CD -Process= "Exec", ipl= 0, pid= 3
-Traceback= 1AD57A1z 3242562z 3242317z 324116Bz 32334EAz 3236097z 692AF39z 19FE57Dz 1A22D87z 1A224FFz 1A2062Az 1A37585z
chunk_diagnose, code = 1
chunk name is MallocLite

current chunk header = 0x26F39414
data check, ptr = 0x26F39424

next chunk header = 0x26F3943C
data check, ptr = 0x26F3944C

previous chunk header = 0x26F393EC
data check, ptr = 0x26F393FC



Conditions:
This has been observed on the ISR 3900E, running 15.2(4)M4, 15.4(1)T, 15.4(2)T. It likely affects all other releases.

The crash requires inter-device redundancy to be configured - a common example of this would be CUBE HA. No application needs to be configured for HA - the crash will occur with only base redundancy configured.

Once redundancy is configured, enabling IP SLA probes on the standby router will cause it to crash. The active router has NOT been observed to crash.

Workaround:
Do not use IP SLA on the standby router, or disable inter-device redundancy if IP SLA probes must be configured.

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
20-MAY-2015
Known Affected Releases:
15.2(4)M3.11, 15.4(1)T1, 15.4(2)T1
Known Fixed Releases:
15.5(0.18)S0.6, 15.5(0.22)T, 15.5(1)S, 15.5(1)SN, 15.5(1.12)S, 15.5(1.2.1a)GB, 7.0(0)BZ(0.46), 7.0(0)HSK(0.317), 7.0(0)KM(0.97), 7.1(0)AV(0.38)
Bug Id:
CSCus63558
Title:
IOS crashed @qos_cac_flow_compare after sending scaled flows
Description:

Symptom:
IOS crashed with scaled flows when LCAC feature is configured.

Conditions:
IOS might crash when the LCAC QoS feature is configured and thousands of flows are sent over this interface.

Workaround:
N/A

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
20-MAY-2015
Known Affected Releases:
15.4(2)T1, 15.5(1)T
Known Fixed Releases:
15.5(2.13)T, 15.5(2.14.1)PIH28, 15.5(2.16.5)PIH28, 15.5(2.20)S, 16.1(0.237)
Bug Id:
CSCuc66122
Title:
Crash show ip sla summary with ip-sla-voip-rtp
Description:

Symptoms: A crash occurs with the show ip sla summary
command with the IP SLAs RTP-Based VoIP Operation.

Conditions: This symptom occurs when the IP SLAs RTP-Based VoIP Operation is
configured on the box.

Workaround: Use the show ip sla statistics command to check
the status and statistics of the IP SLAs RTP-Based VoIP Operation rather than
show ip sla summary command, when the IP SLAs RTP-Based
VoIP Operation is configured on the box.




Status:
Fixed
Severity:
2 Severe
Last Modified:
20-MAY-2015
Known Affected Releases:
15.3(0.18)T
Known Fixed Releases:
15.1(1)ICA4.122, 15.2(1)E, 15.2(1)E1, 15.2(1)E2, 15.2(1)E3, 15.2(1)EY, 15.2(1)IC273.5, 15.2(1.2.3)PI22, 15.2(2)E, 15.3(0.18)T0.4
Bug Id:
CSCuc37407
Title:
Crash config replace after initiator/path address type mismatch poll
Description:

Symptoms: If configuration replace is tried after session-based poll, which has
an address type (IPv4/IPv6) mismatch with initiator source-IP, then a crash is
seen.

Conditions: This symptom occurs when configuring Mediatrace initiator with a
particular type of address, for example, IPv4 only or IPv6 only. This issue is
seen when trying a session-based poll with the address type for a
path-specifier not matching the address type of the initiator. Then,
configuration replace on the same configurations leads to a crash.

Workaround: There is no workaround.

Status:
Fixed
Severity:
2 Severe
Last Modified:
20-MAY-2015
Known Affected Releases:
15.3(0.16)T
Known Fixed Releases:
15.1(1)ICA4.122, 15.2(1)E, 15.2(1)E1, 15.2(1)E2, 15.2(1)E3, 15.2(1)EY, 15.2(1)IC273.5, 15.2(1.2.3)PI22, 15.2(2)E, 15.3(0.15)PI21b
Bug Id:
CSCtn83520
Title:
Traceback seen on VOIP_RTCP
Description:

Symptoms: VOIP_RTCP related traceback is seen.

Conditions: This symptom is observed when IPIP gateways are involved.

Workaround: There is no workaround.


Status:
Fixed
Severity:
2 Severe
Last Modified:
20-MAY-2015
Known Affected Releases:
15.1(1)T2
Known Fixed Releases:
12.4(24)MDA13, 12.4(24)T10, 12.4(24)T11, 12.4(24)T12, 12.4(24)T7, 12.4(24)T8, 12.4(24)T9, 15.0(1)M10, 15.0(1)M7.5, 15.0(1)M8
Bug Id:
CSCtr26373
Title:
PQ3_TSEC Gig interface hangs due to stuck Rx ring
Description:

Symptom:
Interface experiences resource exhaustion and throttles. When coming out of the throttle condition the interface may get stuck and stop receiving traffic. All ingress traffic will then be counted as "input errors".

Conditions:
This has been observed on onboard GE interfaces of Cisco 39xx and
Cisco 2951 routers. It may be seen at random times. The interface will still
show "up/up" in the show interface output.

Workaround:
Reset the interface to restore connectivity.

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
20-MAY-2015
Known Affected Releases:
15.1(2)T3
Known Fixed Releases:
15.0(1)M10, 15.0(1)M8.3, 15.0(1)M9, 15.1(2)T4.1, 15.1(2)T4.2, 15.1(2)T5, 15.1(3)T1.6, 15.1(3)T2, 15.1(3)T3, 15.1(3)T4
Bug Id:
CSCuo20765
Title:
ISM crash seen during smaller frames fragmentation/reassembly
Description:

Symptom:
ISM crash seen

Conditions:
The MTU value is changed to 200 while traffic is flowing.

Workaround:
Use on-board crypto engine.

Further Problem Description:

Status:
Terminated
Severity:
2 Severe
Last Modified:
21-MAY-2015
Known Affected Releases:
15.4(2.16)T, 15.4(2.8)T, 15.5(1.11)T
Known Fixed Releases:
Bug Id:
CSCub92025
Title:
Cisco ISM Malformed AH Packet DoS Vulnerability
Description:

Symptoms:
A vulnerability in AH packets processing on Cisco ISM module for ISR G2 could allow an authenticated, remote attacker to cause a reload of the
affected module.
The vulnerability is due to improper processing of malformed AH packets. An attacker could exploit this vulnerability by sending a stream of malformed
AH packets over an established IPSec SA. An exploit could allow the attacker to cause a reload of the affected module and DoS for IPSec traffic.
Conditions:
IPSec Security Association (SA) needs to be up and fully authenticated. Malformed AH packets are coming over the IPSec SA.
Workaround:
None
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are
6.3/5.2:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:M/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C
CVE ID CVE-2013-1241 has been assigned to document this issue.

Additional details about the vulnerability described here can be found at:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1241

Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Status:
Fixed
Severity:
2 Severe
Last Modified:
21-MAY-2015
Known Affected Releases:
15.3TPI21
Known Fixed Releases:
15.2(1.2.3)PI22, 15.3(2.4)T
Bug Id:
CSCur43949
Title:
Continuous reloads are observed for c2951 router with 155-1.5.T image
Description:

Symptom:
Continuous reloads are observed for the c2951 router of the Bender testbed when the router is booted with the "c2951-universalk9-mz.SSA.155-1.5.T" image.

Conditions:
This issue is seen when we load the router with c2951-universalk9-mz.SSA.155-1.5.T

Workaround:
unknown

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
22-MAY-2015
Known Affected Releases:
15.5(1)T0.2, 15.5(1.10)T, 15.5(1.4)T, 15.5(1.5)T
Known Fixed Releases:
15.5(1)T1, 15.5(1.23)T0.7, 15.5(2)T, 15.5(2.6)T
Bug Id:
CSCuj23293
Title:
Memory leak in CCSIP_UDP_SOCKET
Description:

Symptom:
A memory leak is seen in the MALLOCLITE process:

show processes memory ------------------
Processor Pool Total: 282793968 Used: 280754252 Free: 2039716
I/O Pool Total: 41943040 Used: 18560544 Free: 23382496

PID TTY Allocated Freed Holding Getbufs Retbufs Process
0 0 268189264 170950536 88785564 1354 634324 *Init*
0 0 0 0 141933756 0 0 *MallocLite*
409 0 451333208 202702788 40928844 83639 83639 CCSIP_UDP_SOCKET
299003084 Total
The memory continues to increase there.

Conditions:
This symptom is observed while parsing to header; the gateway gets errors as below:

Feb 26 12:07:28 EST: Parse Error: url_parseSipUrl: Received Bad Port
Feb 26 12:07:28 EST: //2765/000000000000/SIP/Error/sippmh_cmp_tags: Parse Error in request header

The correct response for the above should have been to send
400 Bad Request The request cannot be fulfilled due to bad syntax

As a side effect of the above, the memory associated with it is not released.

Workaround:
There is no workaround.

Further Problem Description:
This issue was not seen on versions earlier than 15.3X

Status:
Fixed
Severity:
2 Severe
Last Modified:
22-MAY-2015
Known Affected Releases:
15.3(1)T1.1, 15.3(2)T1.2
Known Fixed Releases:
15.3(3)M2.4, 15.3(3)M3, 15.3(3)M4, 15.3(3)S2.8, 15.3(3)S3, 15.3(3)S4, 15.4(1)S2.2, 15.4(1)S3, 15.4(1)T1.2, 15.4(1)T2
Bug Id:
CSCty42626
Title:
RSA operations fail with '(malloc) at interrupt level' msg
Description:

Symptom:
Certificate enrollment fails for some of the Cisco routers due to
digital signature failure.

Conditions:
This symptom was initially observed when the Cisco 3945 router or
the Cisco 3945E router enrolls and requests certificates from a CA server.

This issue potentially impacts those platforms with HW crypto engine. Affected
platforms include (this is not a complete/exhaustive list)

c3925E, c3945E
c2951, c3925, c3945
c7200/VAM2+/VSA,
possibly VPNSPA on c7600/cat6K
819H
ISR G2 routers with ISM IPSec VPN accelerator

The issue is also seen on GetVPN Key Servers during the rekey process.

The issue can also be observed during the RSA key generation process on the router.

Workaround:
There is no workaround.

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
25-MAY-2015
Known Affected Releases:
15.1(4)M3.10
Known Fixed Releases:
15.0(1)M10, 15.0(1)M8.18, 15.0(1)M9, 15.0(2)EJ, 15.0(2)EJ1, 15.0(2)EX, 15.0(2)EX1, 15.0(2)EX3, 15.0(2)EX4, 15.0(2)EX5
Bug Id:
CSCtw55976
Title:
Cisco IOS Software IPS Denial of Service Vulnerability
Description:

Symptom:

Cisco IOS Software contains a vulnerability in the Intrusion Prevention System
(IPS) feature that could allow an unauthenticated, remote attacker to cause a
reload of an affected device if specific Cisco IOS IPS configurations exist.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ios-ips


Status:
Fixed
Severity:
2 Severe
Last Modified:
26-MAY-2015
Known Affected Releases:
15.1(4)M1
Known Fixed Releases:
12.4(24)GC5, 12.4(24)MDB15, 12.4(24)MDB16, 12.4(24)MDB17, 12.4(24)MDB18, 12.4(24)MDB19, 12.4(24)T10, 12.4(24)T11, 12.4(24)T12, 12.4(24)T8
Bug Id:
CSCta20040
Title:
Device crashes when receiving invalid SIP message
Description:

Summary

Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device when SIP operation is enabled.

Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml.

Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier:

http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html

Cisco Unified Communications Manager (CUCM) is affected by the vulnerabilities described in this advisory. Two separate Cisco Security Advisories have been published to disclose the vulnerabilities that affect the Cisco Unified Communications Manager at the following locations:

http://www.cisco.com/warp/public/707/cisco-sa-20090826-cucm.shtml

http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucm.shtml

Status:
Fixed
Severity:
2 Severe
Last Modified:
26-MAY-2015
Known Affected Releases:
12.4(24.6)PI11i
Known Fixed Releases:
12.4(15)T12, 12.4(15)T13, 12.4(15)T14, 12.4(15)T16, 12.4(15)T17, 12.4(22)T4, 12.4(22)T5, 12.4(24)MDA13, 12.4(24)MDB13, 12.4(24)MDB14
Bug Id:
CSCui88426
Title:
Cisco IOS Software IKEv2 Denial of Service Vulnerability
Description:

Symptom:
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected device that would lead to a denial of service (DoS) condition.

The vulnerability is due to how an affected device processes certain malformed IKEv2 packets. An attacker could exploit this vulnerability by sending malformed IKEv2 packets to an affected device to be processed. An exploit could allow the attacker to cause a reload of the affected device that would lead to a DoS condition.

Although IKEv2 is automatically enabled on Cisco IOS Software and Cisco IOS XE Software devices when the Internet Security Association and Key Management Protocol (ISAKMP) is enabled, the vulnerability can be triggered only by sending a malformed IKEv2 packet.

Only IKEv2 packets can trigger this vulnerability.

Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ikev2

Note: The March 26, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2014 bundled publication.

Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar14.html

Conditions:
See published Cisco Security Advisory

Workaround:
See published Cisco Security Advisory

Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.8/6.4:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C

CVE ID CVE-2014-2108 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Status:
Fixed
Severity:
2 Severe
Last Modified:
26-MAY-2015
Known Affected Releases:
15.4(0.12)T, 15.4(2)S
Known Fixed Releases:
15.0(2)EJ1, 15.0(2)EK, 15.0(2)EK1, 15.0(2)EX5, 15.0(2)SE6, 15.1(1)ICA4.122, 15.1(1)SY2.45, 15.1(1)SY3, 15.1(1)XO1, 15.1(1.0.33)XO1
Bug Id:
CSCut66144
Title:
VXML GW fails to handoff call to VXML Application on second VRU leg
Description:

Symptom:
Call comes in to VXML GW and the TCL script for bootstrap comes up but VXML does not.

The HTTP GET is never sent to the CVP Server, so the CVP Server times out and disconnects the call because it never received an HTTP GET from the GW.

15.3.3.M5

Conditions:
High volume on the GW.

Workaround:
no workaround.

Further Problem Description:
GW is showing this.

9931429: Mar 26 14:22:21.839: //873876//MSM :/ms_handle_stream_timer: >>ms_start_play()
9931430: Mar 26 14:22:21.839: //873876//MSM :/ms_start_play: 1w4d, Tstart(ply: num 22 max 196 StDly 10)

The message should be:

ms_start_play: 1w4d mgdTstop(ply)

Status:
Fixed
Severity:
2 Severe
Last Modified:
26-MAY-2015
Known Affected Releases:
15.3(0.1)
Known Fixed Releases:
15.3(3)S5.12, 15.5(2)S0.9, 15.5(2.12)T, 15.5(2.14.1)PIH28, 15.5(2.16.5)PIH28, 15.5(2.19)S
Bug Id:
CSCud95940
Title:
CPUHOG & Watchdog at Skinny Msg Server while running CME & Skinny
Description:

Symptom:
A Cisco IOS Software device running Cisco Unified Communications Manager Express and Skinny phones could experience CPU hogs and a watchdog, resulting in a crash.

%SYS-3-CPUHOG: Task is running for (128000)msecs, more than (2000)msecs (630/222),process = Skinny Msg Server.
-Traceback= 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = Skinny Msg Server.
-Traceback= 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX

Conditions:
This symptom is observed with a device running Cisco Unified Communications Manager Express with Skinny phones and Multilevel Precedence and Preemption (MLPP) disabled.

This problem affects Cisco IOS Software versions 12.4(24)T and later.

Workaround:
A possible mitigation is to enable MLPP.

More Info:

For this bug to be triggered, several sequences of events need to occur before the issue is observed.

PSIRT Evaluation:
The Cisco PSIRT has evaluated this issue, and it does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via normal resolution channels.

If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another evaluation.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Status:
Fixed
Severity:
2 Severe
Last Modified:
26-MAY-2015
Known Affected Releases:
15.1(4)M4
Known Fixed Releases:
15.1(4)M6.3, 15.1(4)M7, 15.1(4)M8, 15.1(4)M9, 15.2(4)GC, 15.2(4)GC1, 15.2(4)GC2, 15.2(4)M3.9, 15.2(4)M4, 15.2(4)M5
Bug Id:
CSCui79745
Title:
Crash @ crypto_engine_packet_callback in IPSEC on ISR Codenomicon
Description:

Symptom:
A vulnerability in IPSec processing of Cisco IOS Software could allow an authenticated, remote attacker to cause a reload of the affected device.

The vulnerability is due to improper processing of malformed IPSec packets. An attacker could exploit this vulnerability by sending malformed IPSec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device.


Conditions:
A Cisco IOS device receiving malformed IPSec packets over an established IPSec SA may crash.

Workaround:
None

PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.8/5.6:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C
CVE ID CVE-2014-3299 has been assigned to document this issue.

Additional details about the vulnerability described here can be found at:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3299

Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Status:
Fixed
Severity:
2 Severe
Last Modified:
26-MAY-2015
Known Affected Releases:
15.4(0.12)T
Known Fixed Releases:
15.2(2)E, 15.2(2.2.73)ST, 15.2(2.2.93)EA, 15.2(2.3)PSR, 15.2(2.39)PSR, 15.2(2b)E, 15.2(3)E, 15.3(2)T4, 15.3(3)M3.2, 15.3(3)M4
Bug Id:
CSCtq23960
Title:
ISR series routers using PPC or MIPS arch crash & gen empty crash files
Description:

Symptoms: A Cisco ISRG2 3900 series platform using PPC architecture crashes and generates empty crashinfo files:

show flash: all

-#- --length-- -----date/time------ path
<>
2 0 Mar 13 2011 09:40:36 crashinfo_
3 0 Mar 13 2011 12:35:56 crashinfo_
4 0 Mar 17 2011 16:14:04 crashinfo_
5 0 Mar 21 2011 05:50:58 crashinfo_

Conditions: The symptom is observed with a Cisco ISRG2 3900 series platform using PPC architecture.

Workaround: There is no workaround.

Status:
Fixed
Severity:
2 Severe
Last Modified:
27-MAY-2015
Known Affected Releases:
15.0(1)M5, 15.0(1)S5.1, 15.1(2)T2
Known Fixed Releases:
15.1(4)M5.18, 15.1(4)M6, 15.1(4)M7, 15.1(4)M8, 15.1(4)M9, 15.2(1.2.3)PI22, 15.2(4)GC, 15.2(4)GC1, 15.2(4)GC2, 15.2(4)M2.5
Bug Id:
CSCuu19587
Title:
Tracebacks and TFO frame errors seen with WAAS-Ex, ISM-VPN and GetVPN
Description:

Symptom:
Tracebacks and TFO errors seen. ftp-data not getting optimized.

Conditions:
WAAS-Ex and ISM-VPN enabled in GetVPN environment.

Workaround:
None

Further Problem Description:

Status:
Open
Severity:
2 Severe
Last Modified:
28-MAY-2015
Known Affected Releases:
15.2(4)M, 15.4(3)M, 15.5(2)T, 15.5(2.13)T, 15.5(2.14)T
Known Fixed Releases:
Bug Id:
CSCup67654
Title:
ISM-VPN module crash due to memory leak;Traceback = 1000b8a0 or 1000b8c0
Description:

Symptom:
-ISM crashes on ISR G2 running 152-4.M6a
-ACE Crash Info file yields traceback of the following:

======== Stack Back Trace ========
-Traceback= 1000b8a0
or
-Traceback= 1000b8c0

-Logging buffer may show the following:

May 28 07:32:56.769: Reventon small chunk is not destroyable
May 28 07:32:56.769: Reventon medium chunk is not destroyable
May 28 07:32:56.769: Reventon big chunk is not destroyable
May 28 07:32:56.777: %VPN_HW-6-SHUTDOWN: shutting down
May 28 07:33:03.645: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF
May 28 07:33:03.645: Reventon small chunk is not destroyable
May 28 07:33:03.645: Reventon medium chunk is not destroyable
May 28 07:33:03.645: Reventon big chunk is not destroyable
May 28 07:33:03.645: %VPN_HW-6-SHUTDOWN: shutting down

Conditions:
-Have ISM-VPN module enabled and encrypting traffic in ISR G2 platform
-DMVPN may be a factor

Workaround:
-Disable ISM and use onboard crypto engine with command "no crypto engine slot 0"
-If ISM has crashed, the router must be reloaded to recover module

Further Problem Description:

Status:
Fixed
Severity:
2 Severe
Last Modified:
28-MAY-2015
Known Affected Releases:
15.2(4)M3.11, 15.2(4)M6.1, 15.3(3)M3
Known Fixed Releases:
15.2(4)M8, 15.3(3)M5.1, 15.5(2.2)T
Bug Id:
CSCur01171
Title:
Memory leak in MRCP_CLIENT in add_to_hoststatus_table
Description:

Symptom:
SIP calls cause MRCP_CLIENT to leak memory.

Conditions:
These 3 processes steadily increase their memory holding:
C3925MCCUBE1#sh proc mem sorted

PID TTY Allocated Freed Holding Getbufs Retbufs Process
379 0 141675176 3712923352 49236032 0 0 CCSIP_SPI_CONTRO
400 0 53990776 304432952 15530048 0 0 MRCP_CLIENT
295 0 2278473520 1587812972 10569436 0 0 http client proc

Workaround:
None

Further Problem Description:
Engineering believes the fix in CSCur07571 might have addressed this issue. The fix for CSCur07571 is now available in 152-4-M6 or newer.

Status:
Fixed
Severity:
2 Severe
Last Modified:
30-MAY-2015
Known Affected Releases:
15.2(4)M3.11, 15.2(4)M6
Known Fixed Releases:
15.5(2.14)T, 15.5(2.14.1)PIH28, 15.5(2.16.5)PIH28, 15.5(2.21)S
Bug Id:
CSCul52326
Title:
L2TP/IPsec with NAT-T to ISR-G2 with ISM-VPN module fails
Description:

Symptom:
IKE Phase 1 and Phase 2 establish, but only a few packets are decrypted (none encrypted). After a couple of seconds both phases are cleared.
Traceback seen on ISM-VPN shim layer debug:
debug crypto engine ism shim

Conditions:
This symptom is observed under the following condition:
- ISR-G2 [1900/2900/3900] with active ISM-VPN module acting as L2TP over IPSec Server.
- L2TP PC is behind a NAT device, triggering NAT-traversal in IKE.

Workaround:
Perform the following workarounds:
- PCs that do not get NAT'ed can connect fine.
- Switch to the onboard crypto engine using the command "no crypto engine slot 0".

Further Problem Description:
To see if ISM-VPN module is active:
1. show crypto engine brief
crypto engine name: Virtual Private Network (VPN) Module
crypto engine type: hardware
State: Enabled
Location: slot 0
Product Name: ISM VPN Accelerator
or

2. show crypto eli
Hardware Encryption : ACTIVE
Number of hardware crypto engines = 1

CryptoEngine ISM VPN details: state = Active

Status:
Fixed
Severity:
2 Severe
Last Modified:
31-MAY-2015
Known Affected Releases:
15.3(3)M
Known Fixed Releases:
15.2(4)M8, 15.4(3)M2.2, 15.5(1.11)T

Find additional information in Bug Search index.

 
