Field Notice: FN - 70067 - cBR-8 - Potential Supervisor Card Crash When IPv6 Related Features are Executed - Software Upgrade Recommended

Available Languages

Updated:November 10, 2017
Document ID:FN70067

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Notice

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.

Revision History

Revision Publish Date Comments
1.0
10-Nov-17
Initial Release

Products Affected

Affected OS Type Affected Release Affected Release Number Comments
NON-IOS
3.18.1aSP, 3.18.1SP, 3.18.1S, 3.15.0S, 3.18.0SP, 3.17.0S, 3.18.0aS, 3.18.0S, 3.16.1S, 3.15.1S, 3.17.1S, 3.16.0S
cBR-8 Cisco IOS XE Release:
3.18.2aSP / 15.6(2)SP2a
has the fix as well as later releases.

Defect Information

Defect ID Headline
CSCvc32015 SUP Crashed due to IPv6 list freed during v6list removing

Problem Description

The cBR-8 Converged Broadband Router Supervisor card might crash due to memory corruption in the DHCPv6 (Dynamic Host Configuration Protocol version 6) client or DHCPv6 process under these circumstances:

  • Upon receipt of a DHCPv6 message from the cable side
  • Upon DHCPv6 lease query response from the DHCPv6 server side

Background

When the IPv6 list is removed from the cable subscriber database, related to the DHCPv6 client in DHCPv6 solicit or DHCPv6 lease query response messages, the subscriber database entry is synchronized with the standby Supervisor and the cable line card.

If the process suspend occurs in this synchronization phase, under certain conditions such as at high CPU level, the IPv6 list might get freed elsewhere as a result of situations such as cable modem offline. When the process that uses this IPv6 list resumes, the freed IPv6 list is inadvertently accessed again which causes the Supervisor card to crash.

The issue can affect active and standy Supervisor cards.

Affected releases are listed in this table.

Impacted cBR-8 Release List
Cisco IOS® XE 3.15.0S / 15.5(2)S
Cisco IOS XE 3.15.1S / 15.5(2)S1
Cisco IOS XE 3.16.0S / 15.5(3)S
Cisco IOS XE 3.16.1S / 15.5(3)S1
Cisco IOS XE 3.16.2S / 15.5(3)S2
Cisco IOS XE 3.17.0S / 15.6(1)S
Cisco IOS XE 3.17.1S / 15.6(1)S1
Cisco IOS XE 3.18.0S / 15.6(2)S
Cisco IOS XE 3.18.0aS / 15.6(2)S0a
Cisco IOS XE 3.18.1S / 15.6(2)S1
Cisco IOS XE 3.18.0SP / 15.6(2)SP
Cisco IOS XE 3.18.1SP / 15.6(2)SP1
Cisco IOS XE 3.18.1aSP / 15.6(2)SP1a

Note: cBR-8 Cisco IOS XE Releases 3.18.2aSP / 15.6(2)SP2a and later do not exhibit this issue.

Problem Symptom

A Supervisor card crash, with a segmentation fault at the DHCPv6 client process or DHCPv6 relay process, is reported in crashinfo with these messages:

UNIX-EXT-SIGNAL: Segmentation fault(11), Process = DHCPv6 client

UNIX-EXT-SIGNAL: Segmentation fault(11), Process = DHCPv6 Relay

Workaround/Solution

Cisco recommends that customers who use IPv6 features upgrade to Cisco IOS XE 3.18.2aSP or a later release that contains the fix. See this action table.

Impacted Release List Recommended Action Release Notes
Cisco IOS XE 3.15.0S / 15.5(2)S Upgrade cBR-8 Cisco IOS XE to 3.18.2aSP / 15.6(2)SP2a or a later release Release Notes for Cisco cBR Series Converged Broadband Routers for Cisco IOS-XE Release 3.18S - Caveat List
Cisco IOS XE 3.15.1S / 15.5(2)S1
Cisco IOS XE 3.16.0S / 15.5(3)S
Cisco IOS XE 3.16.1S / 15.5(3)S1
Cisco IOS XE 3.16.2S / 15.5(3)S2
Cisco IOS XE 3.17.0S / 15.6(1)S
Cisco IOS XE 3.17.1S / 15.6(1)S1
Cisco IOS XE 3.18.0S / 15.6(2)S
Cisco IOS XE 3.18.0aS / 15.6(2)S0a
Cisco IOS XE 3.18.1S / 15.6(2)S1
Cisco IOS XE 3.18.0SP / 15.6(2)SP
Cisco IOS XE 3.18.1SP / 15.6(2)SP1
Cisco IOS XE 3.18.1aSP / 15.6(2)SP1a
Cisco IOS XE 3.18.2aSP / 15.6(2)SP2a or later No action required
Cisco IOS XE 16.5.01SPa or later No action required Release Notes for Cisco cBR Series Converged Broadband Routers for Cisco IOS XE Everest 16.5.1 - Caveat List

 

cBR-8 Software Download Link

The show version CLI command displays the current software version that runs on the cBR-8 router, as shown in this example:

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Receive Email Notification For New Field Notices

Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products