i9300 notice.html是什么文件,Field Notice: FN - 70587 - Firepower Extensible Operating System - Memory Lea...

Notice

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.

Revision History

Revision

Publish Date

Comments

1.0

12-Aug-20

Initial Release

2.0

31-Aug-20

Updated the Products Affected and Workaround/Solution Sections

Products Affected

Affected OS Type

Affected Software Product

Affected Release

Affected Release Number

Comments

NON-IOS

Firepower Extensible Operating System

2

2.0.1

NON-IOS

Firepower Extensible Operating System

2.1

2.1.1.106, 2.1.1.107, 2.1.1.113, 2.1.1.115, 2.1.1.116, 2.1.1.64, 2.1.1.69, 2.1.1.73, 2.1.1.77, 2.1.1.83, 2.1.1.85, 2.1.1.86, 2.1.1.97

NON-IOS

Firepower Extensible Operating System

2.2

2.2.1.63, 2.2.1.66, 2.2.1.70, 2.2.2.101, 2.2.2.17, 2.2.2.19, 2.2.2.24, 2.2.2.26, 2.2.2.28, 2.2.2.54, 2.2.2.60, 2.2.2.71, 2.2.2.83, 2.2.2.86, 2.2.2.91, 2.2.2.97

NON-IOS

Firepower Extensible Operating System

2.3

2.3.1.110, 2.3.1.111, 2.3.1.130, 2.3.1.144, 2.3.1.145, 2.3.1.155, 2.3.1.166, 2.3.1.56, 2.3.1.58, 2.3.1.66, 2.3.1.73, 2.3.1.75, 2.3.1.88, 2.3.1.91, 2.3.1.93, 2.3.1.99

NON-IOS

Firepower Extensible Operating System

2.4

2.4.1.101, 2.4.1.214, 2.4.1.222, 2.4.1.234, 2.4.1.238, 2.4.1.244, 2.4.1.249

NON-IOS

Firepower Extensible Operating System

2.6

2.6.1.131, 2.6.1.157, 2.6.1.166, 2.6.1.169, 2.6.1.174

NON-IOS

Firepower Extensible Operating System

2.7

2.7.1.92, 2.7.1.98

Defect Information

Defect ID

Headline

DME process crash due to memory leak on Firepower 4100/9300

Problem Description

A memory leak in the Firepower eXtensible Operating System (FXOS) might cause a Data Management Engine (DME) process crash on Firepower 4100 and Firepower 9300 Series security appliances.

Background

The DME within FXOS manages end points in the Firepower object model, which includes physical components (chassis, I/O module, security modules), logical components (policies), and workflows (server discovery, service profile management, downloads, upgrades, backups).

The DME process might crash and restart due to a memory leak that is related to periodic validation of trust points and their respective certificate chain. Prior to FXOS Version 2.4.1, the issue only occurs when Common Criteria (CC) mode is enabled. For affected FXOS Versions 2.4.1 and later, the memory leak is unconditional. This issue affects the Firepower 4100 and Firepower 9300 Series security appliances.

Problem Symptom

The DME process crash might cause the FPR4100 and FPR9300 Series security appliance to restart and affect service. For high-availability network configurations, a failover from the active to the standby device might occur. In clustering network configurations, a node leave event might occur.

Workaround/Solution

Upgrade the FXOS software on the FPR4100 and FPR9300 Series security appliances to one of these versions:

FXOS 2.3.1.173 or later

FXOS 2.4.1.252 or later

FXOS 2.6.1.187 or later

FXOS 2.7.1.106 or later

FXOS 2.8.1 or later

See the Cisco Firepower 4100/9300 Upgrade Guide for instructions on how to upgrade the FXOS software.

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Receive Email Notification For New Field Notices

My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.