Field Notice: FN - 70587 - Firepower Extensible Operating System - Memory Leak Might Cause Data Management Engine Process Crash on Firepower 4100 and Firepower 9300 Series Security Appliances - Software Upgrade Recommended

Notice

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.

Revision History

Revision	Publish Date	Comments
1.0	12-Aug-20	Initial Release
2.0	31-Aug-20	Updated the Products Affected and Workaround/Solution Sections

Products Affected

Affected OS Type	Affected Software Product	Affected Release	Affected Release Number	Comments
NON-IOS	Firepower Extensible Operating System	2	2.0.1
NON-IOS	Firepower Extensible Operating System	2.1	2.1.1.106, 2.1.1.107, 2.1.1.113, 2.1.1.115, 2.1.1.116, 2.1.1.64, 2.1.1.69, 2.1.1.73, 2.1.1.77, 2.1.1.83, 2.1.1.85, 2.1.1.86, 2.1.1.97
NON-IOS	Firepower Extensible Operating System	2.2	2.2.1.63, 2.2.1.66, 2.2.1.70, 2.2.2.101, 2.2.2.17, 2.2.2.19, 2.2.2.24, 2.2.2.26, 2.2.2.28, 2.2.2.54, 2.2.2.60, 2.2.2.71, 2.2.2.83, 2.2.2.86, 2.2.2.91, 2.2.2.97
NON-IOS	Firepower Extensible Operating System	2.3	2.3.1.110, 2.3.1.111, 2.3.1.130, 2.3.1.144, 2.3.1.145, 2.3.1.155, 2.3.1.166, 2.3.1.56, 2.3.1.58, 2.3.1.66, 2.3.1.73, 2.3.1.75, 2.3.1.88, 2.3.1.91, 2.3.1.93, 2.3.1.99
NON-IOS	Firepower Extensible Operating System	2.4	2.4.1.101, 2.4.1.214, 2.4.1.222, 2.4.1.234, 2.4.1.238, 2.4.1.244, 2.4.1.249
NON-IOS	Firepower Extensible Operating System	2.6	2.6.1.131, 2.6.1.157, 2.6.1.166, 2.6.1.169, 2.6.1.174
NON-IOS	Firepower Extensible Operating System	2.7	2.7.1.92, 2.7.1.98

Defect Information

Defect ID	Headline
CSCvs39368	DME process crash due to memory leak on Firepower 4100/9300

Problem Description

A memory leak in the Firepower eXtensible Operating System (FXOS) might cause a Data Management Engine (DME) process crash on Firepower 4100 and Firepower 9300 Series security appliances.

Background

The DME within FXOS manages end points in the Firepower object model, which includes physical components (chassis, I/O module, security modules), logical components (policies), and workflows (server discovery, service profile management, downloads, upgrades, backups).

The DME process might crash and restart due to a memory leak that is related to periodic validation of trust points and their respective certificate chain. Prior to FXOS Version 2.4.1, the issue only occurs when Common Criteria (CC) mode is enabled. For affected FXOS Versions 2.4.1 and later, the memory leak is unconditional. This issue affects the Firepower 4100 and Firepower 9300 Series security appliances.

Problem Symptom

The DME process crash might cause the FPR4100 and FPR9300 Series security appliance to restart and affect service. For high-availability network configurations, a failover from the active to the standby device might occur. In clustering network configurations, a node leave event might occur.

Workaround/Solution

Upgrade the FXOS software on the FPR4100 and FPR9300 Series security appliances to one of these versions:

• FXOS 2.3.1.173 or later
• FXOS 2.4.1.252 or later
• FXOS 2.6.1.187 or later
• FXOS 2.7.1.106 or later
• FXOS 2.8.1 or later

See the Cisco Firepower 4100/9300 Upgrade Guide for instructions on how to upgrade the FXOS software.

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

• Open a service request on Cisco.com
• By email or telephone

Receive Email Notification For New Field Notices

My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.