THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
12-Aug-20 |
Initial Release |
2.0 |
31-Aug-20 |
Updated the Products Affected and Workaround/Solution Sections |
Affected OS Type | Affected Software Product | Affected Release | Affected Release Number | Comments |
---|---|---|---|---|
NON-IOS |
Firepower Extensible Operating System |
2 |
2.0.1 |
|
NON-IOS |
Firepower Extensible Operating System |
2.1 |
2.1.1.106, 2.1.1.107, 2.1.1.113, 2.1.1.115, 2.1.1.116, 2.1.1.64, 2.1.1.69, 2.1.1.73, 2.1.1.77, 2.1.1.83, 2.1.1.85, 2.1.1.86, 2.1.1.97 |
|
NON-IOS |
Firepower Extensible Operating System |
2.2 |
2.2.1.63, 2.2.1.66, 2.2.1.70, 2.2.2.101, 2.2.2.17, 2.2.2.19, 2.2.2.24, 2.2.2.26, 2.2.2.28, 2.2.2.54, 2.2.2.60, 2.2.2.71, 2.2.2.83, 2.2.2.86, 2.2.2.91, 2.2.2.97 |
|
NON-IOS |
Firepower Extensible Operating System |
2.3 |
2.3.1.110, 2.3.1.111, 2.3.1.130, 2.3.1.144, 2.3.1.145, 2.3.1.155, 2.3.1.166, 2.3.1.56, 2.3.1.58, 2.3.1.66, 2.3.1.73, 2.3.1.75, 2.3.1.88, 2.3.1.91, 2.3.1.93, 2.3.1.99 |
|
NON-IOS |
Firepower Extensible Operating System |
2.4 |
2.4.1.101, 2.4.1.214, 2.4.1.222, 2.4.1.234, 2.4.1.238, 2.4.1.244, 2.4.1.249 |
|
NON-IOS |
Firepower Extensible Operating System |
2.6 |
2.6.1.131, 2.6.1.157, 2.6.1.166, 2.6.1.169, 2.6.1.174 |
|
NON-IOS |
Firepower Extensible Operating System |
2.7 |
2.7.1.92, 2.7.1.98 |
Defect ID | Headline |
---|---|
CSCvs39368 | DME process crash due to memory leak on Firepower 4100/9300 |
A memory leak in the Firepower eXtensible Operating System (FXOS) might cause a Data Management Engine (DME) process crash on Firepower 4100 and Firepower 9300 Series security appliances.
The DME within FXOS manages end points in the Firepower object model, which includes physical components (chassis, I/O module, security modules), logical components (policies), and workflows (server discovery, service profile management, downloads, upgrades, backups).
The DME process might crash and restart due to a memory leak that is related to periodic validation of trust points and their respective certificate chain. Prior to FXOS Version 2.4.1, the issue only occurs when Common Criteria (CC) mode is enabled. For affected FXOS Versions 2.4.1 and later, the memory leak is unconditional. This issue affects the Firepower 4100 and Firepower 9300 Series security appliances.
The DME process crash might cause the FPR4100 and FPR9300 Series security appliance to restart and affect service. For high-availability network configurations, a failover from the active to the standby device might occur. In clustering network configurations, a node leave event might occur.
Upgrade the FXOS software on the FPR4100 and FPR9300 Series security appliances to one of these versions:
See the Cisco Firepower 4100/9300 Upgrade Guide for instructions on how to upgrade the FXOS software.
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.