Guest

Preview Tool

Cisco Bug: CSCvt59178 - Memory Leak due to Malformed SSH Packet

Last Modified

Apr 18, 2020

Products (1)

  • Cisco IOS

Known Affected Releases

16.9.5

Description (partial)

Symptom:
Memory can leak over time on a router/switch, resulting in an eventual crash from a Crypto process:

IOSXE-WATCHDOG: Process = Crypto IKEv2
*Mar 24 17:59:23.113: %SCHED-0-WATCHDOG: Scheduler running for a long time, more than the maximum configured (120) secs.
-Traceback= 1#0431bd2d50a9f885576fd9aa02a9e614  iosd_crankshaft_unix:7F9EC6B000+34538 linux-vdso:7FB2FBF000+510 pthread:7F9E8E5000+92F8 pthread:7F9E8E5000+97D4 :400000+376B994 :400000+DC8CE8 :400000+DCBEB8 :400000+8A79BA4 :400000+89CA3FC :400000+8A3667C :400000+484A9F8

Conditions:
The crash is due to a memory leak, related to the receipt of malformed SSH packets. We should see memory depleting in the output of "show process memory sorted" and "show memory allocating-process totals", as well as some SSH error messages for the issues with the incoming packets:

 %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from XXX.XXX.XXX.XXX
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.