| |
Bug Id: | CSCtw55976 |
Title: | Cisco IOS Software IPS Denial of Service Vulnerability |
|
Description: | Symptom:
Cisco IOS Software contains a vulnerability in the Intrusion Prevention System (IPS) feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist.
Cisco has released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are available.
This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ios-ips
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUL-2015 |
|
Known Affected Releases: | 15.1(4)M1 |
|
Known Fixed Releases: | 12.4(24)GC5, 12.4(24)MDB15, 12.4(24)MDB16, 12.4(24)MDB17, 12.4(24)MDB18, 12.4(24)MDB19, 12.4(24)T10, 12.4(24)T11, 12.4(24)T12, 12.4(24)T8 |
|
|
| |
| |
Bug Id: | CSCut66144 |
Title: | VXML GW fails to handoff call to VXML Application on second VRU leg |
|
Description: | Symptom: Call comes in to VXML GW and the TCL script for bootstrap comes up but VXML does not.
HTTP GET is never sent to the CVP Server, so the CVP Server times out and disconnects the call because it never received an HTTP GET from the GW.
15.3.3.M5
Conditions: High volume on the GW.
Workaround: no workaround.
Further Problem Description: GW is showing this.
9931429: Mar 26 14:22:21.839: //873876//MSM :/ms_handle_stream_timer: >>ms_start_play()
9931430: Mar 26 14:22:21.839: //873876//MSM :/ms_start_play: 1w4d, Tstart(ply: num 22 max 196 StDly 10)
Message should be.
ms_start_play: 1w4d mgdTstop(ply)
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUL-2015 |
|
Known Affected Releases: | 15.3(0.1) |
|
Known Fixed Releases: | 15.3(3)M5.2, 15.3(3)S5.12, 15.4(3)S3.3, 15.5(2)S0.9, 15.5(2)S1, 15.5(2)T0.1, 15.5(2)T1, 15.5(2.12)T, 15.5(2.14.1)PIH28, 15.5(2.16.5)PIH28 |
|
|
| |
| |
Bug Id: | CSCus89791 |
Title: | g722-64 codec crash during dial tone with country code |
|
Description: | Symptom: Router gateway may crash with the g722-64 codec when processing country codes.
Conditions: g722-64 codec must be configured. This issue is still under investigation.
Workaround: Remove g722-64 if possible.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUL-2015 |
|
Known Affected Releases: | 15.3(3)M4 |
|
Known Fixed Releases: | 15.3(3)M5.2, 15.3(3)S5.7, 15.4(3)M2.1, 15.4(3)M3, 15.4(3)S2.7, 15.4(3)S3, 15.5(1)S1.1, 15.5(1)S2, 15.5(1)S2.1, 15.5(1)T1.1 |
|
|
| |
| |
Bug Id: | CSCud95940 |
Title: | CPUHOG & Watchdog at Skinny Msg Server while running CME & Skinny |
|
Description: | Symptom: A Cisco IOS Software device running Cisco Unified Communications Manager Express and Skinny phones could experience CPU hogs and a watchdog, resulting in a crash.
%SYS-3-CPUHOG: Task is running for (128000)msecs, more than (2000)msecs (630/222),process = Skinny Msg Server.
-Traceback= 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = Skinny Msg Server.
-Traceback= 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX
Conditions: This symptom is observed with a device running Cisco Unified Communications Manager Express with Skinny phones and Multilevel Precedence and Preemption (MLPP) disabled.
This problem affects Cisco IOS Software versions 12.4(24)T and later.
Workaround: A possible mitigation is to enable MLPP.
More Info:
For this bug to be triggered, several sequences of events need to occur before the issue is observed.
PSIRT Evaluation: The Cisco PSIRT has evaluated this issue and it does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via normal resolution channels.
If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another evaluation.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUL-2015 |
|
Known Affected Releases: | 15.1(4)M4 |
|
Known Fixed Releases: | 15.1(4)M6.3, 15.1(4)M7, 15.1(4)M8, 15.1(4)M9, 15.2(4)GC, 15.2(4)GC1, 15.2(4)GC2, 15.2(4)M3.9, 15.2(4)M4, 15.2(4)M5 |
|
|
| |
| |
Bug Id: | CSCuj20376 |
Title: | "vstack download-image tar flash1:" cause router gets crash |
|
Description: | Symptom: Cisco router crashes due to "vstack download-image tar flash1:".
Conditions: This symptom is observed when "vstack download-image tar flash1:" causes router to crash with GCC compiler image.
Workaround: There is no workaround.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUL-2015 |
|
Known Affected Releases: | 15.4(0.17)T |
|
Known Fixed Releases: | 15.3(3)JA1, 15.3(3)JA1m, 15.3(3)JA2, 15.3(3)JA3, 15.3(3)JA77, 15.3(3)JN4, 15.3(3)JNB, 15.3(3)JNB1, 15.3(3)M2.2, 15.3(3)M3 |
|
|
| |
| |
Bug Id: | CSCub92025 |
Title: | Cisco ISM Malformed AH Packet DoS Vulnerability |
|
Description: | Symptoms: A vulnerability in AH packet processing on the Cisco ISM module for ISR G2 could allow an authenticated, remote attacker to cause a reload of the affected module. The vulnerability is due to improper processing of malformed AH packets. An attacker could exploit this vulnerability by sending a stream of malformed AH packets over an established IPSec SA. An exploit could allow the attacker to cause a reload of the affected module and DoS for IPSec traffic.
Conditions: IPSec Security Association (SA) needs to be up and fully authenticated. Malformed AH packets are coming over the IPSec SA.
Workaround: None
PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.3/5.2: https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:M/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C
CVE ID CVE-2013-1241 has been assigned to document this issue.
Additional details about the vulnerability described here can be found at: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1241
Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUL-2015 |
|
Known Affected Releases: | 15.3TPI21 |
|
Known Fixed Releases: | 15.2(1.2.3)PI22, 15.3(2.4)T |
|
|
| |
| |
Bug Id: | CSCur43949 |
Title: | Continuous reloads are observed for c2951 router with 155-1.5.T image |
|
Description: | Symptom: Continuous reloads are observed on the c2951 router of the Bender testbed when the router is booted with the "c2951-universalk9-mz.SSA.155-1.5.T" image.
Conditions: This issue is seen when we load the router with c2951-universalk9-mz.SSA.155-1.5.T
Workaround: unknown
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUL-2015 |
|
Known Affected Releases: | 15.5(1)T0.2, 15.5(1.10)T, 15.5(1.4)T, 15.5(1.5)T |
|
Known Fixed Releases: | 15.5(1)T1, 15.5(1.23)T0.7, 15.5(2)T, 15.5(2.6)T |
|
|
| |
| |
Bug Id: | CSCur01171 |
Title: | Memory leak in MRCP_CLIENT in add_to_hoststatus_table |
|
Description: | Symptom: SIP calls caused MRCP_CLIENT to leak memory
Conditions: These 3 processes steadily increase memory holding:
C3925MCCUBE1#sh proc mem sorted
PID TTY Allocated Freed Holding Getbufs Retbufs Process
379 0 141675176 3712923352 49236032 0 0 CCSIP_SPI_CONTRO
400 0 53990776 304432952 15530048 0 0 MRCP_CLIENT
295 0 2278473520 1587812972 10569436 0 0 http client proc
Workaround: none
Further Problem Description: Engineering believes the fix in CSCur07571 might have addressed this issue. The fix for CSCur07571 is now available in 152-4-M6 or newer.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 02-JUL-2015 |
|
Known Affected Releases: | 15.2(4)M3.11, 15.2(4)M6 |
|
Known Fixed Releases: | 15.3(3)M5.2, 15.3(3)S5.17, 15.5(2.14)T, 15.5(2.14.1)PIH28, 15.5(2.16.5)PIH28, 15.5(2.21)S |
|
|
| |
| |
Bug Id: | CSCtq78217 |
Title: | ISRG2: Router reloads due to Segv exception process: CCSIP_SPI_CONTROL |
|
Description: | Symptoms: A router crashes with the following information:
System returned to ROM by address error at PC 0xZZZZZZZZ, address 0xZZZZZZZZ
Conditions: The symptom is observed with CUBE + SIP.
Workaround: There is no workaround. |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 02-JUL-2015 |
|
Known Affected Releases: | 15.1(3)T |
|
Known Fixed Releases: | 15.1(2)T5, 15.1(3)T3.1, 15.1(3)T4, 15.1(4)GC1, 15.1(4)GC2, 15.1(4)M1.6, 15.1(4)M2, 15.1(4)M3, 15.1(4)M4, 15.1(4)M5 |
|
|
| |
| |
Bug Id: | CSCtr26373 |
Title: | PQ3_TSEC Gig interface hangs due to stuck Rx ring |
|
Description: | Symptom: Interface experiences resource exhaustion and throttles. When coming out of the throttle condition the interface may get stuck and stop receiving traffic. All ingress traffic will then be counted as "input errors".
Conditions: This has been observed on onboard GE interfaces of Cisco 39xx and Cisco 2951 routers. It may be seen at random times. The interface will still show "up/up" in the show interface output.
Workaround: Reset the interface to restore connectivity.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 06-JUL-2015 |
|
Known Affected Releases: | 15.1(2)T3 |
|
Known Fixed Releases: | 15.0(1)M10, 15.0(1)M8.3, 15.0(1)M9, 15.1(2)T4.1, 15.1(2)T4.2, 15.1(2)T5, 15.1(3)T1.6, 15.1(3)T2, 15.1(3)T3, 15.1(3)T4 |
|
|
| |
| |
Bug Id: | CSCup67654 |
Title: | ISM-VPN module crash due to memory leak;Traceback = 1000b8a0 or 1000b8c0 |
|
Description: | Symptom:
-ISM crashes on ISR G2 running 152-4.M6a
-ACE Crash Info file yields traceback of the following:
======== Stack Back Trace ========
-Traceback= 1000b8a0
or
-Traceback= 1000b8c0
-Logging buffer may show the following:
May 28 07:32:56.769: Reventon small chunk is not destroyable
May 28 07:32:56.769: Reventon medium chunk is not destroyable
May 28 07:32:56.769: Reventon big chunk is not destroyable
May 28 07:32:56.777: %VPN_HW-6-SHUTDOWN: shutting down
May 28 07:33:03.645: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF
May 28 07:33:03.645: Reventon small chunk is not destroyable
May 28 07:33:03.645: Reventon medium chunk is not destroyable
May 28 07:33:03.645: Reventon big chunk is not destroyable
May 28 07:33:03.645: %VPN_HW-6-SHUTDOWN: shutting down
Conditions:
-Have ISM-VPN module enabled and encrypting traffic in ISR G2 platform
-DMVPN may be a factor
Workaround:
-Disable ISM and use onboard crypto engine with command "no crypto engine slot 0"
-If ISM has crashed, the router must be reloaded to recover module
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 07-JUL-2015 |
|
Known Affected Releases: | 15.2(4)M3.11, 15.2(4)M6.1, 15.3(3)M3 |
|
Known Fixed Releases: | 15.2(4)M8, 15.3(3)M5.1, 15.4(3)M2.2 |
|
|
| |
| |
Bug Id: | CSCtg95940 |
Title: | dh-group2 KE generation fails in the following scenario. |
|
Description: | Symptoms: The DH operation will fail and no further IKEv2 SAs will come up.
Conditions: This issue can occur with many IKEv2 requests coming at once and when you are using hardware crypto-engine.
Workaround: There is no workaround.
Further Problem Description: You can re-start the router and switch to software-crypto engine if needed.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 07-JUL-2015 |
|
Known Affected Releases: | 15.1PI14 |
|
Known Fixed Releases: | 15.0(2)EX, 15.0(5.2)DPB35, 15.0(5.21)SID, 15.1(1)MP1.27, 15.1(1)SD5.1, 15.1(1)SG5.103, 15.1(1)SG5.124, 15.1(1)SG5.163, 15.1(1)SG5.169, 15.1(1)SG5.170 |
|
|
| |
| |
Bug Id: | CSCti26202 |
Title: | ModExp Hardware support (DH Scale/performance improvement) |
|
Description: | Symptoms: With a Cisco 3900 series router, Modular Exponent (ModExp) is currently done using software and this leads to bad scalability.
Conditions: The symptom is observed on a Cisco 3900 series router.
Workaround: There is no workaround. |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 07-JUL-2015 |
|
Known Affected Releases: | 15.1T |
|
Known Fixed Releases: | 15.0(1)M10, 15.0(1)M4, 15.0(1)M7, 15.0(1)M8, 15.0(1)M9, 15.0(2)EA, 15.0(2)EB, 15.0(2)EC, 15.0(2)ED, 15.0(2)EH |
|
|
| |
| |
Bug Id: | CSCug38248 |
Title: | Watchdog Crash on "CFT Timer" When Unbinding & Deleting Child Flow |
|
Description: | Symptom: Watchdog crash is observed on "Common Flow Table" timer process. For example:
%SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = CFT Timer Process.
Conditions: Error is raised due to a CPU loop while attempting to unbind and delete a child flow in the "CFT Timer" process.
Workaround: There is no workaround.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 08-JUL-2015 |
|
Known Affected Releases: | 15.3(2)T |
|
Known Fixed Releases: | 15.0(11.6)EMW, 15.1(1)ICA4.122, 15.2(1)IC273.5, 15.2(2)E, 15.2(4)JB, 15.2(4)JB1, 15.2(4)JB3, 15.2(4)JB3a, 15.2(4)JB3b, 15.2(4)JB3s |
|
|
| |
| |
Bug Id: | CSCua86620 |
Title: | Metadata App-ID for vmware incorrect |
|
Description: | Symptoms: The vmware-view application is not detected/classified.
Conditions: This symptom is observed when vmware-view applications are used.
Workaround: There is no workaround.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 10-JUL-2015 |
|
Known Affected Releases: | 15.2(3.16)T |
|
Known Fixed Releases: | 15.1(1)SY0.1, 15.1(1)SY1, 15.1(1)SY1.32, 15.1(1)SY1.55, 15.1(1)SY1.57, 15.1(1)SY2, 15.1(1)SY3, 15.1(2)SY, 15.1(2)SY1, 15.1(2)SY2 |
|
|
| |
| |
Bug Id: | CSCul58283 |
Title: | GM crashes while registering to key server with GDOI MIB poll |
|
Description: | Symptom: A Cisco 3945-E running 15.3(2)T crashes while registering on the Key server.
Conditions: The symptom is observed using GETVPN on Cisco IOS release 15.3(2)T.
Workaround: There is no workaround.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 12-JUL-2015 |
|
Known Affected Releases: | 15.3(2)T1.2 |
|
Known Fixed Releases: | 15.1(2)IC66.3, 15.2(1)IC273.70, 15.2(1)ICA4.30, 15.2(2)DB101.101, 15.2(2)DB101.112, 15.2(2)E, 15.2(2.2.70)ST, 15.2(2b)E, 15.2(4.0)ST, 15.3(3)M2 |
|
|
| |
| |
Bug Id: | CSCuj17827 |
Title: | Withdraw message incompatible with CUCM |
|
Description: | Symptom: CCD is unable to unpublish hosted DN patterns on forwarders running service-routing code. This can result in stale or duplicate routes in the remote cluster's Learned Pattern table.
Conditions: Disabling the advertising service, resetting the CCD SIP trunk, rebooting a cluster, or a cluster losing connection to all SAF forwarders may trigger this defect.
Workaround: There is no workaround for preventing duplicate or stale routes. These routes can be purged from a remote cluster by resetting that cluster's requesting service or by configuring a temporary Blocked Learn Pattern that matches the affected patterns.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 12-JUL-2015 |
|
Known Affected Releases: | 15.2(4)M3.11 |
|
Known Fixed Releases: | 15.1(2)IC66.3, 15.2(1)IC273.60, 15.2(1)ICA4.30, 15.2(2)DB101.101, 15.2(2)DB101.112, 15.2(4)GC1, 15.2(4)GC2, 15.2(4)M5.1, 15.2(4)M6, 15.2(4)M6a |
|
|
| |
| |
Bug Id: | CSCuu98027 |
Title: | onepk memory corrupt crash when repeating sh policy-map |
|
Description: | Symptom: onePK application results in router crash with memory corruption when repeatedly running show policy-map command.
Conditions: Using a onePK application that polls the router for information every 320ms.
Workaround: Increase the polling interval to the per-second level rather than the sub-second level.
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 17-JUL-2015 |
|
Known Affected Releases: | 15.4(3)M1a |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCur07571 |
Title: | Processor memory leak with MRCP_Client at cc_api_get_call_active_entry |
|
Description: | Symptom: A VXML gateway router will see a memory leak with MRCP_CLIENT in processor memory. In some cases this can lead to the gateway crashing.
Conditions: Seen with MRCPv1
Workaround: Not seen with MRCPv2
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Last Modified: | 18-JUL-2015 |
|
Known Affected Releases: | 15.3(3)M3 |
|
Known Fixed Releases: | 15.3(3)M4.1, 15.3(3)M5, 15.3(3)S4.5, 15.3(3)S5, 15.4(1)S2.22, 15.4(1)S3, 15.4(1)T2.2, 15.4(1)T3, 15.4(2)S2.15, 15.4(2)S3 |
|
|
| |
| |
Bug Id: | CSCty42626 |
Title: | RSA operations fail with '(malloc) at interrupt level' msg |
|
Description: | Symptom: Certificate enrollment fails for some of the Cisco routers due to digital signature failure.
Conditions: This symptom was initially observed when the Cisco 3945 router or the Cisco 3945E router enrolls and requests certificates from a CA server.
This issue potentially impacts those platforms with HW crypto engine. Affected platforms include (this is not a complete/exhaustive list):
c3925E, c3945E
c2951, c3925, c3945
c7200/VAM2+/VSA, possibly VPNSPA on c7600/cat6K
819H
ISR G2 routers with ISM IPSec VPN accelerator
The issue is also seen on GetVPN Key Servers during the rekey process.
The issue can also be observed during the RSA key generation process on the router.
Workaround: There is no workaround.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 19-JUL-2015 |
|
Known Affected Releases: | 15.1(4)M3.10 |
|
Known Fixed Releases: | 15.0(1)M10, 15.0(1)M8.18, 15.0(1)M9, 15.0(2)EJ, 15.0(2)EJ1, 15.0(2)EX, 15.0(2)EX1, 15.0(2)EX3, 15.0(2)EX4, 15.0(2)EX5 |
|
|
| |
| |
Bug Id: | CSCuv37210 |
Title: | SM-X-1T3/E3 show controller serial x/y crashes 3900e |
|
Description: | Symptom: Issuing show controller Serial command of the Serial interface created by SM-X-1T3/E3 card causes router to crash.
Conditions: Issue is seen only on 3900e router platform with SM-X-1T3/E3
Workaround: None.
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 1 Catastrophic |
Last Modified: | 20-JUL-2015 |
|
Known Affected Releases: | 15.6(0.6)T |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuc56259 |
Title: | Voice Gateway May Crash Due To %VOIP_RTP-6-MEDIA_LOOP: |
|
Description: | Symptoms: A Cisco IOS router (so far only seen on 15.1 and newer), running as a voice gateway may crash. Just prior to the crash, these messages can be seen:
%VOIP_RTP-6-MEDIA_LOOP: The packet is seen traversing the system multiple times
Delivery Ack could not be sent due to lack of buffers.
and/or
%SYS-6-STACKLOW: Stack for process IP Input running low, 0/12000
Conditions: This happens when a media loop is created (which is due to misconfiguration or some other call forward/transfer scenarios).
Workaround: Check the configurations for any misconfigurations, especially with calls involving CUBE and CUCM. |
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Last Modified: | 21-JUL-2015 |
|
Known Affected Releases: | 15.2(3)T2 |
|
Known Fixed Releases: | 15.1(4)M5.19, 15.1(4)M6, 15.1(4)M7, 15.1(4)M8, 15.1(4)M9, 15.2(1)T3.2, 15.2(1)T4, 15.2(1.2.3)PI22, 15.2(2)T2.3, 15.2(2)T3 |
|
|
| |
| |
Bug Id: | CSCtz15274 |
Title: | %FLEXDSPRM-3-UNSUPPORTED_CODEC: codec cisco is not supported on dsp T38 |
|
Description: | Symptoms: When attempting a T.38 fax call on gateway, you may see the following in the logs:
006902: %FLEXDSPRM-3-UNSUPPORTED_CODEC: codec cisco is not supported on dsp 0/0
006903: %FLEXDSPRM-5-OUT_OF_RESOURCES: No dsps found either locally or globally.
Conditions: The symptom is observed with a T.38 fax call.
Workaround: There is no workaround.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 22-JUL-2015 |
|
Known Affected Releases: | 15.1(4)M |
|
Known Fixed Releases: | 15.1(4)M7.1, 15.1(4)M8, 15.1(4)M9, 15.2(1.2.3)PI22, 15.2(4)GC, 15.2(4)GC1, 15.2(4)GC2, 15.2(4)M2.6, 15.2(4)M3, 15.2(4)M4 |
|
|
| |
| |
Bug Id: | CSCti25780 |
Title: | corruption seen when compiling a few files with optimization |
|
Description: | Symptoms: One of the case values in the EIGRP registry is corrupted. This is seen right after bootup.
Conditions: This symptom is observed when some of the files are compiled with optimization.
Workaround: The corruption is not seen if the files are compiled with optimization disabled.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 22-JUL-2015 |
|
Known Affected Releases: | 15.1(0.0.3)PIL14 |
|
Known Fixed Releases: | 15.0(1)S2, 15.0(1)SY, 15.0(1.19)DPA4a, 15.0(1.19)DPA5, 15.0(1.99)SG4, 15.0(2)SG, 15.0(2)SG8.0.131, 15.0(2.11)SID, 15.1(0.18)S0.3, 15.1(1)MR |
|
|
| |
| |
Bug Id: | CSCti67832 |
Title: | C3900e router reloads while enabling "debug crypto gdoi gm all-features" |
|
Description: | Symptoms: A Cisco 3900e platform router reloads while trying to enable GETVPN Group Member (GM) all-features debugs.
Conditions: The symptom is observed on a Cisco 3900e router that is running Cisco IOS interim Release 15.1(2.7)T while trying to enable the debug command "debug crypto gdoi gm all-features".
Workaround: There is no workaround.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 23-JUL-2015 |
|
Known Affected Releases: | 15.1(2.15)T, 15.1(2.7)T |
|
Known Fixed Releases: | 15.0(2)EA, 15.0(2)EB, 15.0(2)EC, 15.0(2)ED, 15.0(2)EH, 15.0(2)EJ, 15.0(2)EJ1, 15.0(2)EK, 15.0(2)EK1, 15.0(2)EX |
|
|
| |
| |
Bug Id: | CSCuo00091 |
Title: | ISM: No Packets encrypted: IP PKT Exception increasing |
|
Description: | Symptom: ISM does not encrypt data (encaps counter is 0 in "show crypto ipsec sa").
Issue is seen in post 15.2(4)M5.4 (including M6) versions.
Conditions: ISM is used.
Workaround: Use onboard crypto
Further Problem Description:
|
|
Status: | Other |
|
Severity: | 2 Severe |
Last Modified: | 25-JUL-2015 |
|
Known Affected Releases: | 15.2(4)M6 |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCto81814 |
Title: | Router crash when SSH over IKEv2 tunnel to manage the router |
|
Description: | Symptoms: When SSH is attempted over an IKEv2 tunnel using ECDSA certificates, the router crashes.
Conditions: This symptom is observed only when ECDSA certificates are used for IKEv2 and not with RSA certificates or with IKEv1.
Workaround: There is no workaround.
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 25-JUL-2015 |
|
Known Affected Releases: | 15.1(4)M |
|
Known Fixed Releases: | 15.0(2)EA, 15.0(2)EB, 15.0(2)EC, 15.0(2)ED, 15.0(2)EH, 15.0(2)EJ, 15.0(2)EJ1, 15.0(2)EK, 15.0(2)EK1, 15.0(2)EX |
|
|
| |
| |
Bug Id: | CSCuv45566 |
Title: | Malloc in Chunk Manager in 15.2(4)M3 |
|
Description: | Symptom: The processes occupying a huge amount of memory are:
Processor Pool Total: 503475360 Used: 502931268 Free: 544092
I/O Pool Total: 303038464 Used: 112929504 Free: 190108960
PID TTY Allocated Freed Holding Getbufs Retbufs Process
1 0 67089800 4011146024 350929324 0 0 Chunk Manager >>>>>>>>>>>>>>>>>>>>>
0 0 370706760 168518436 189752848 0 0 *Init*
340 0 35114576 10955872 21442160 0 0 IPSEC key engine
0 0 0 0 19612240 0 0 *MallocLite*
-----------------------------------
Allocator PC Summary for: Processor
Displayed first 2048 Allocator PCs only
PC Total Count Name
0x0498ECAF 329579176 847 CCSIP CCB Pool
0x0065B821 18889492 15483 *Packet Header*
-----------------------------------
0x0498ECAF: sip_gw_chunk_get(0x498eca2)+0xd
-----------------------------------
Also the router is no longer processing any voice traffic. No phones are registering to this gateway.
Conditions: none
Workaround: None
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 26-JUL-2015 |
|
Known Affected Releases: | 15.2(4)M2 |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCtq97723 |
Title: | Cisco3945 Performance Decrease between 15.0(1)M2 and 15.1(4)M |
|
Description: | Symptoms: A Cisco 3945 router may have performance issues (lower throughput) due to overruns.
Conditions: This is seen in a "show interface" output in the overrun counter. Stress testing was performed with a steady bi-directional 64 byte ICMP stream through the router.
For example, with the c3900-universalk9-mz.SPA.150-1.M2 image, the highest rate to test 100% clean was 251.969Mbps / 33.07% wire rate / 492,125.98 fps for 10 minutes; above that rate, overruns would increment.
Comparing this to c3900-universalk9-mz.SPA.151-4.M, the highest rate to test 100% clean was 190.476Mbps / 25.0% wire rate / 372,023.81 fps; above that rate, overruns would increment.
The input and output interfaces have a very basic configuration, which was unchanged during the test.
!
interface GigabitEthernet0/0
 ip address 10.0.0.1 255.255.255.0
 load-interval 30
 duplex full
 speed 1000
!
interface GigabitEthernet0/1
 ip address 20.0.0.1 255.255.255.0
 load-interval 30
 duplex full
 speed 1000
!
Workaround: There is no workaround.
|
|
Status: | Other |
|
Severity: | 2 Severe |
Last Modified: | 27-JUL-2015 |
|
Known Affected Releases: | 15.1(4)M |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut34058 |
Title: | Memory Fragment on SM-X-1T3/E3= with Serial Background process |
|
Description: | Symptom: The following memory log starts to appear again and again:
035167: Feb 17 10:01:13.316 CST: %SYS-2-MALLOCFAIL: Memory allocation of 10060 bytes failed from 0x358708, alignment 32
Pool: I/O Free: 1642352 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Serial Background", ipl= 4, pid= 43
-Traceback= 19E5889z 31B9D78z 31B9529z 358708z 354B50z 358D24z 36385Cz 3637D9z 2EFF3A3z
The process consuming the memory is Serial Background
After the decode of the traceback we noticed that the card "SM-X-1T3/E3=" appears on it:
0x36385C:__be_sm_1t3e3_serial_set_idle_character_mode(0x3637f4)+0x68
0x3637D9:__be_sm_1t3e3_serial_reset_wrapper(0x3637ba)+0x1f
Conditions: The device must have the SM-X-1T3/E3= card.
Workaround: None
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 28-JUL-2015 |
|
Known Affected Releases: | 15.3(3)M4 |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuv49227 |
Title: | 'bfd interval' values only 999-999 in Port-channel sub-interface mode |
|
Description: | Symptom: 1) BFD interval command missing after IOS upgrade.
2) The range of values available for the command 'bfd interval' under Port-channel sub-interface configuration is different between 15.1 and 15.3 IOS versions.
On Version 15.1(4)M6
!
interface Port-channel1.999
Router(config-subif)#bfd interval <50-999> Milliseconds min_rx <50-999> Milliseconds multiplier <3-50> value used to multiply the interval
On Version 15.4(3)M3
!
interface Port-channel1.999
Router(config-subif)#bfd interval <999-999> Milliseconds min_rx <999-999> Milliseconds multiplier <3-50> value used to multiply the interval
Conditions: 'bfd interval' configuration under Port-Channel sub-interface.
Workaround: None
Further Problem Description: On version 15.1(4)M6, the available configuration values for the command 'bfd interval', under interface Port-channel1.123 were <50-999>
Router(config-subif)#bfd interval <50-999> Milliseconds min_rx <50-999> Milliseconds multiplier <3-50> value used to multiply the interval
After upgrading to 15.4(3)M3, the range of available values was changed to <999-999>
On Version 15.4(3)M3
!
interface Port-channel1.123
Router(config-subif)#bfd interval <999-999> Milliseconds min_rx <999-999> Milliseconds multiplier <3-50> value used to multiply the interval
The consequence is that the command is ignored at boot-time when the Router is upgraded, which is not expected by customers.
At boot time, we can see the command previously available in 15.1 is no longer accepted and then ignored in 15.3 when the configuration is being loaded
bfd interval 50 min_rx 150 multiplier 3 ^. % Invalid input detected at '^' marker.
%Interface MTU set to channel-group MTU 1500.
%Interface MTU set to channel-group MTU 1500.
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 29-JUL-2015 |
|
Known Affected Releases: | 15.4(3)M2.2 |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus30128 |
Title: | RRI dynamic L2L after client change ip address Ipsec rekey lost routes |
|
Description: | Symptom: Dynamic L2L IPsec VPN, where the client uses PPPoE to connect to the Internet. When the client's PPPoE session disconnects and the client gets a new IP address, the hub deletes the RRI route once the SPI lifetime for the old address is reached and that SPI is deleted. When the new SPI lifetime is reached and IPsec rekeys, the RRI route is added and then very quickly deleted.
Conditions: The issue happens when the remote router changes its IP address but the hub still has the old SPI information.
Workaround: Manually add a static route for the RRI entry.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 30-JUL-2015 |
|
Known Affected Releases: | 15.2(4)M6.1 |
|
Known Fixed Releases: | 15.2(4.0)ST, 15.2(4.0.21)E, 15.3(3)M5.2, 15.3(3)S5.16, 15.5(1)S1.1, 15.5(1)S2, 15.5(1)S2.1, 15.5(1)SN1, 15.5(1)T1, 15.5(2)S0.8 |
|
|
| |
| |
Bug Id: | CSCui79745 |
Title: | Crash @ crypto_engine_packet_callback in IPSEC on ISR Codenomicon |
|
Description: | Symptom: A vulnerability in IPSec processing of Cisco IOS Software could allow an authenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper processing of malformed IPSec packets. An attacker could exploit this vulnerability by sending malformed IPSec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device.
Conditions: A Cisco IOS device receiving malformed IPSec packets over an established IPSec SA may crash.
Workaround: None
PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 6.8/5.6: https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:S/C:N/I:N/A:C/E:F/RL:OF/RC:C
CVE ID CVE-2014-3299 has been assigned to document this issue.
Additional details about the vulnerability described here can be found at: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3299
Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 30-JUL-2015 |
|
Known Affected Releases: | 15.4(0.12)T |
|
Known Fixed Releases: | 15.2(1)SY1.13, 15.2(2)E, 15.2(2.2.73)ST, 15.2(2.2.93)EA, 15.2(2.3)PSR, 15.2(2.39)PSR, 15.2(2b)E, 15.2(3)E, 15.2(4.0)ST, 15.3(2)T4 |
|
|
| |
| |
Bug Id: | CSCus56153 |
Title: | Crash with MSRPC trf @ Firewall State,CCE dp policy feature object chunk |
|
Description: | Symptom: IOS crash @CCE dp policy f
Conditions: na
Workaround: none at the moment
Further Problem Description:
|
|
Status: | Other |
|
Severity: | 2 Severe |
Last Modified: | 30-JUL-2015 |
|
Known Affected Releases: | 15.2(4)M6 |
|
Known Fixed Releases: | |
|
|
| |