Guest

Preview Tool

Cisco Bug: CSCvt59015 - KP IOQ driver. Add defensive parameter and state checks.

Last Modified

Oct 07, 2020

Products (1)

  • Sourcefire Defense Center

Known Affected Releases

6.4.0.7 6.5.0 6.6.0

Description (partial)

Symptom:
Snort crashes and reports the following in /var/log/messages:

Jul 10 13:05:57 firepower SF-IMS[31265]: [31265] oct_sftls_daq:oct_sftls_daq [ERROR] pdts message head too long. length 264, allowed 262
Jul 10 13:06:19 firepower SF-IMS[27468]: [27468] oct_sftls_daq:oct_sftls_daq [ERROR] pdts message head too long. length 271, allowed 262
Jul 10 13:06:51 firepower SF-IMS[13313]: [13313] oct_sftls_daq:oct_sftls_daq [ERROR] pdts message head too long. length 271, allowed 262

Snort processes are repeated exiting unexpectedly:
Jul 10 08:23:33 firepower SF-IMS[6722]: [6722] pm:process [WARN] Process 08ff3a8e-4fbd-11e9-a77a-30035ba9b671-d03 (23580) exited unexpectedly: 139 (0x0000008B)

Conditions:
Firepower 2100 series device
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.