BugZero | Cisco BugID CSCur40249 - ASA may become unresponsive due to memory debuggin...

Loading...

Operational Defect Database

A free repository of operational (non-security) bugs centralized through custom integrations with leading IT vendors.

Product

Enterprise platform
Bug Scrub Advisor
Operational Risk Scoring
Vendor Integrations

Company

Plans
Value Guide
About
Contact us
Legal

Resources

Blog
ServiceNow App
Trust Center
Risk Management
NIST
DORA

Operational Defect Database

A free repository of operational (non-security) bugs centralized through custom integrations with leading IT vendors.

Product

Enterprise platform
Bug Scrub Advisor
Operational Risk Scoring
Vendor Integrations

Company

Plans
Value Guide
About
Contact us
Legal

Resources

Blog
ServiceNow App
Trust Center
Risk Management
NIST
DORA

©2025 BugZero. All Rights Reserved.

Privacy Policy Terms of Service

BugZero | Cisco BugID CSCur40249 - ASA may become unresponsive due to memory debuggin...

ODD
Cisco
CSCur40249

Cisco - Defect ID: CSCur40249

ASA may become unresponsive due to memory debugging commands and SFR module or threat detection

ODD
Cisco
CSCur40249

Cisco - Defect ID: CSCur40249

ASA may become unresponsive due to memory debugging commands and SFR module or threat detection

Last updated on October 31st, 2024

BugZero Risk Score
8.0 High

Overall: 8.0

Severity: 8.2

Lifecycle: 9.1

Popularity: 6.9

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Bug Details

Description

Symptom

An ASA Firewall may exhibit elevated CPU utilization under very low traffic rates. 'show process cpu-usage non-zero' shows most of the CPU usage is in the datapath as shown here: uut19-5512# show processes cpu-usage non-zero PC Thread 5Sec 1Min 5Min Process 0x00000000019649eb 0x00007fffee11d560 0.0% 0.2% 0.3% ssh - - 95.4% 34.9% 38.5% DATAPATH-0-1451 Also, 'cpu hog granular-detection 1000 1' and 'show process cpu-hog' contain output similar to this: Process: DATAPATH-0-1451, PROC_PC_TOTAL: 52, MAXHOG: 9284, LASTHOG: 2584 LASTHOG At: 23:41:21 UTC Apr 6 2015 PC: 0x0000000000000000 (suspend) Process: DATAPATH-0-1451, NUMHOG: 51, MAXHOG: 9284, LASTHOG: 2584 LASTHOG At: 23:41:21 UTC Apr 6 2015 PC: 0x0000000000000000 (suspend) Call stack: 0x00000000004381fa 0x000000000071cc3d 0x000000000171170d 0x000000000171aaac 0x000000371c808201 Interrupt based hog entry #1 Hog #1, traceback #1, at: 23:40:28 UTC Apr 6 2015, hog 9 ms PC: 0x000000371c47a9b4 Call stack: Hog #1, traceback #2, at: 23:40:28 UTC Apr 6 2015, hog 19 ms PC: 0x000000371c47a9b0 Call stack: Note there is no Call stack in the "Interrupt based hog entry", and the PC is in the 0x0000003700000000 range.

Conditions

Threat-detection is enabled or memory delay-free-poisoner are enabled. This issue affects 9.3.2.x code versions only. 9.3.3 contains the fix for this issue.

Workaround

Disable threat detection (it is enabled be default). This can be done by issuing the following commands in global configuration: no threat-detection basic-threat no threat-detection statistics Also make sure the delayed-free-poisoner is not enabled (it is not enabled by default and should be enabled only under TAC supervision): no memory delayed-free-poisoner enable

Further Problem Description

None.

PSIRT Evaluation

The Cisco PSIRT has evaluated this issue and does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via normal resolution channels. If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another evaluation. Additional information on Cisco''s security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Relevant Products

Click on a version to see all relevant bugs

Affected versions:9.0.1, 9.0.1.1, 9.0.1.2, 9.0.1.4, 9.0.2, 9.0.2.10, 9.0.2.12, 9.0.2.2, 9.0.2.6, 9.0.2.8, 9.0.2.9, 9.0.3, 9.0.3.1, 9.0.3.10, 9.0.3.3, 9.0.3.6, 9.0.3.8, 9.0.4, 9.0.4.1, 9.0.4.11, 9.0.4.13, 9.0.4.17, 9.0.4.2, 9.0.4.20, 9.0.4.23, 9.0.4.24, 9.0.4.26, 9.0.4.29, 9.0.4.33, 9.0.4.35, 9.0.4.37, 9.0.4.38, 9.0.4.39, 9.0.4.40, 9.0.4.42, 9.0.4.5, 9.0.4.7, 9.0.4.8, 9.0.4.9, 9.1.1, 9.1.1.2, 9.1.1.4, 9.1.1.7, 9.1.1.8, 9.1.2, 9.1.2.3, 9.1.2.5, 9.1.2.6, 9.1.2.8, 9.1.3, 9.1.3.2, 9.1.3.4, 9.1.4, 9.1.4.3, 9.1.4.5, 9.1.4.6, 9.1.5, 9.1.5.1, 9.1.5.10, 9.1.5.12, 9.1.5.16, 9.1.5.19, 9.1.5.2, 9.1.5.21, 9.1.5.3, 9.1.5.6, 9.1.5.7, 9.1.6, 9.1.6.1, 9.1.6.10, 9.1.6.11, 9.1.6.4, 9.1.6.6, 9.1.6.8, 9.1.7, 9.1.7.11, 9.1.7.12, 9.1.7.13, 9.1.7.15, 9.1.7.19, 9.1.7.20, 9.1.7.21, 9.1.7.23, 9.1.7.25, 9.1.7.29, 9.1.7.31, 9.1.7.4, 9.1.7.6, 9.1.7.7, 9.1.7.9, 9.2.1, 9.2.2, 9.2.2.4, 9.2.2.6, 9.2.2.8, 9.2.3, 9.2.3.3, 9.2.3.4, 9.2.4, 9.2.4.10, 9.2.4.13, 9.2.4.14, 9.2.4.17, 9.2.4.18, 9.2.4.2, 9.2.4.22, 9.2.4.24, 9.2.4.25, 9.2.4.27, 9.2.4.28, 9.2.4.33, 9.2.4.4, 9.2.4.5, 9.2.4.8, 9.3.1, 9.3.1.1, 9.3.2, 9.3.2.2, 9.3.2.200, 9.3.2.204

Fixed versions: 9.10.1, 9.10.1.10, 9.10.1.11, 9.10.1.17, 9.10.1.2, 9.10.1.22, 9.10.1.27, 9.10.1.30, 9.10.1.32, 9.10.1.37, 9.10.1.40, 9.10.1.42, 9.10.1.44, 9.10.1.7, 9.12.1, 9.12.1.2, 9.12.1.3, 9.12.2, 9.12.2.1, 9.12.2.4, 9.12.2.9, 9.12.3, 9.12.3.12, 9.12.3.2, 9.12.3.7, 9.12.3.9, 9.12.4, 9.12.4.10, 9.12.4.13, 9.12.4.18, 9.12.4.2, 9.12.4.4, 9.12.4.7, 9.12.4.8, 9.13.1, 9.13.1.10, 9.13.1.12, 9.13.1.13, 9.13.1.16, 9.13.1.2, 9.13.1.21, 9.13.1.7, 9.14.1, 9.14.1.10, 9.14.1.15, 9.14.1.19, 9.14.1.30, 9.14.2, 9.14.2.13, 9.14.2.15, 9.14.2.4, 9.14.2.8, 9.15.1, 9.15.1.1, 9.15.1.10, 9.15.1.15, 9.15.1.7, 9.3.3, 9.3.3.1, 9.3.3.10, 9.3.3.11, 9.3.3.2, 9.3.3.6, 9.3.3.7, 9.3.3.9, 9.4.1, 9.4.1.1, 9.4.1.11, 9.4.1.13, 9.4.1.150, 9.4.1.2, 9.4.1.200, 9.4.1.202, 9.4.1.203, 9.4.1.204, 9.4.1.205, 9.4.1.207, 9.4.1.208, 9.4.1.240, 9.4.1.241, 9.4.1.3, 9.4.1.5, 9.4.1.6, 9.4.1.7, 9.4.1.8, 9.4.2, 9.4.2.11, 9.4.2.145, 9.4.2.3, 9.4.2.4, 9.4.2.6, 9.4.3, 9.4.3.11, 9.4.3.12, 9.4.3.3, 9.4.3.4, 9.4.3.6, 9.4.3.8, 9.4.4, 9.4.4.10, 9.4.4.12, 9.4.4.13, 9.4.4.14, 9.4.4.16, 9.4.4.17, 9.4.4.18, 9.4.4.2, 9.4.4.20, 9.4.4.22, 9.4.4.24, 9.4.4.25, 9.4.4.28, 9.4.4.29, 9.4.4.32, 9.4.4.34, 9.4.4.36, 9.4.4.37, 9.4.4.5, 9.4.4.6, 9.4.4.8, 9.5.1, 9.5.1.109, 9.5.1.200, 9.5.1.201, 9.5.1.203, 9.5.1.4, 9.5.1.5, 9.5.2, 9.5.2.1, 9.5.2.10, 9.5.2.11, 9.5.2.14, 9.5.2.2, 9.5.2.200, 9.5.2.203, 9.5.2.204, 9.5.2.207, 9.5.2.208, 9.5.2.246, 9.5.2.5, 9.5.2.6, 9.5.3, 9.5.3.1, 9.5.3.2, 9.5.3.6, 9.6.0.128, 9.6.1, 9.6.1.10, 9.6.1.11, 9.6.1.12, 9.6.1.19, 9.6.1.3, 9.6.1.5, 9.6.2, 9.6.2.1, 9.6.2.11, 9.6.2.13, 9.6.2.16, 9.6.2.2, 9.6.2.21, 9.6.2.22, 9.6.2.3, 9.6.2.4, 9.6.2.7, 9.6.3, 9.6.3.11, 9.6.3.12, 9.6.3.14, 9.6.3.17, 9.6.3.20, 9.6.3.23, 9.6.3.24, 9.6.3.3, 9.6.3.8, 9.6.3.9, 9.6.4, 9.6.4.10, 9.6.4.12, 9.6.4.14, 9.6.4.17, 9.6.4.18, 9.6.4.20, 9.6.4.23, 9.6.4.24, 9.6.4.25, 9.6.4.29, 9.6.4.3, 9.6.4.30, 9.6.4.34, 9.6.4.36, 9.6.4.40, 9.6.4.41, 9.6.4.42, 9.6.4.45, 9.6.4.5, 9.6.4.6, 9.6.4.8, 9.7.1, 9.7.1.10, 9.7.1.15, 9.7.1.16, 9.7.1.19, 9.7.1.2, 9.7.1.21, 9.7.1.23, 9.7.1.24, 9.7.1.7, 9.7.1.8, 9.8.1, 9.8.1.5, 9.8.1.7, 9.8.2, 9.8.2.10, 9.8.2.11, 9.8.2.14, 9.8.2.15, 9.8.2.17, 9.8.2.20, 9.8.2.22, 9.8.2.24, 9.8.2.26, 9.8.2.28, 9.8.2.3, 9.8.2.33, 9.8.2.35, 9.8.2.38, 9.8.2.45, 9.8.2.8, 9.8.3, 9.8.3.11, 9.8.3.14, 9.8.3.16, 9.8.3.18, 9.8.3.21, 9.8.3.26, 9.8.3.29, 9.8.3.8, 9.8.4, 9.8.4.10, 9.8.4.12, 9.8.4.15, 9.8.4.17, 9.8.4.20, 9.8.4.22, 9.8.4.25, 9.8.4.26, 9.8.4.29, 9.8.4.3, 9.8.4.32, 9.8.4.33, 9.8.4.34, 9.8.4.35, 9.8.4.7, 9.8.4.8, 9.9.1, 9.9.1.2, 9.9.1.3, 9.9.1.4, 9.9.1.5, 9.9.2, 9.9.2.1, 9.9.2.14, 9.9.2.18, 9.9.2.235, 9.9.2.25, 9.9.2.27, 9.9.2.32, 9.9.2.36, 9.9.2.40, 9.9.2.47, 9.9.2.50, 9.9.2.52, 9.9.2.56, 9.9.2.59, 9.9.2.61, 9.9.2.66, 9.9.2.67, 9.9.2.74, 9.9.2.80, 9.9.2.83, 9.9.2.85, 9.9.2.9

Relevant Products

Click on a version to see all relevant bugs

Affected versions:9.0.1, 9.0.1.1, 9.0.1.2, 9.0.1.4, 9.0.2, 9.0.2.10, 9.0.2.12, 9.0.2.2, 9.0.2.6, 9.0.2.8, 9.0.2.9, 9.0.3, 9.0.3.1, 9.0.3.10, 9.0.3.3, 9.0.3.6, 9.0.3.8, 9.0.4, 9.0.4.1, 9.0.4.11, 9.0.4.13, 9.0.4.17, 9.0.4.2, 9.0.4.20, 9.0.4.23, 9.0.4.24, 9.0.4.26, 9.0.4.29, 9.0.4.33, 9.0.4.35, 9.0.4.37, 9.0.4.38, 9.0.4.39, 9.0.4.40, 9.0.4.42, 9.0.4.5, 9.0.4.7, 9.0.4.8, 9.0.4.9, 9.1.1, 9.1.1.2, 9.1.1.4, 9.1.1.7, 9.1.1.8, 9.1.2, 9.1.2.3, 9.1.2.5, 9.1.2.6, 9.1.2.8, 9.1.3, 9.1.3.2, 9.1.3.4, 9.1.4, 9.1.4.3, 9.1.4.5, 9.1.4.6, 9.1.5, 9.1.5.1, 9.1.5.10, 9.1.5.12, 9.1.5.16, 9.1.5.19, 9.1.5.2, 9.1.5.21, 9.1.5.3, 9.1.5.6, 9.1.5.7, 9.1.6, 9.1.6.1, 9.1.6.10, 9.1.6.11, 9.1.6.4, 9.1.6.6, 9.1.6.8, 9.1.7, 9.1.7.11, 9.1.7.12, 9.1.7.13, 9.1.7.15, 9.1.7.19, 9.1.7.20, 9.1.7.21, 9.1.7.23, 9.1.7.25, 9.1.7.29, 9.1.7.31, 9.1.7.4, 9.1.7.6, 9.1.7.7, 9.1.7.9, 9.2.1, 9.2.2, 9.2.2.4, 9.2.2.6, 9.2.2.8, 9.2.3, 9.2.3.3, 9.2.3.4, 9.2.4, 9.2.4.10, 9.2.4.13, 9.2.4.14, 9.2.4.17, 9.2.4.18, 9.2.4.2, 9.2.4.22, 9.2.4.24, 9.2.4.25, 9.2.4.27, 9.2.4.28, 9.2.4.33, 9.2.4.4, 9.2.4.5, 9.2.4.8, 9.3.1, 9.3.1.1, 9.3.2, 9.3.2.2, 9.3.2.200, 9.3.2.204

Fixed versions: 9.10.1, 9.10.1.10, 9.10.1.11, 9.10.1.17, 9.10.1.2, 9.10.1.22, 9.10.1.27, 9.10.1.30, 9.10.1.32, 9.10.1.37, 9.10.1.40, 9.10.1.42, 9.10.1.44, 9.10.1.7, 9.12.1, 9.12.1.2, 9.12.1.3, 9.12.2, 9.12.2.1, 9.12.2.4, 9.12.2.9, 9.12.3, 9.12.3.12, 9.12.3.2, 9.12.3.7, 9.12.3.9, 9.12.4, 9.12.4.10, 9.12.4.13, 9.12.4.18, 9.12.4.2, 9.12.4.4, 9.12.4.7, 9.12.4.8, 9.13.1, 9.13.1.10, 9.13.1.12, 9.13.1.13, 9.13.1.16, 9.13.1.2, 9.13.1.21, 9.13.1.7, 9.14.1, 9.14.1.10, 9.14.1.15, 9.14.1.19, 9.14.1.30, 9.14.2, 9.14.2.13, 9.14.2.15, 9.14.2.4, 9.14.2.8, 9.15.1, 9.15.1.1, 9.15.1.10, 9.15.1.15, 9.15.1.7, 9.3.3, 9.3.3.1, 9.3.3.10, 9.3.3.11, 9.3.3.2, 9.3.3.6, 9.3.3.7, 9.3.3.9, 9.4.1, 9.4.1.1, 9.4.1.11, 9.4.1.13, 9.4.1.150, 9.4.1.2, 9.4.1.200, 9.4.1.202, 9.4.1.203, 9.4.1.204, 9.4.1.205, 9.4.1.207, 9.4.1.208, 9.4.1.240, 9.4.1.241, 9.4.1.3, 9.4.1.5, 9.4.1.6, 9.4.1.7, 9.4.1.8, 9.4.2, 9.4.2.11, 9.4.2.145, 9.4.2.3, 9.4.2.4, 9.4.2.6, 9.4.3, 9.4.3.11, 9.4.3.12, 9.4.3.3, 9.4.3.4, 9.4.3.6, 9.4.3.8, 9.4.4, 9.4.4.10, 9.4.4.12, 9.4.4.13, 9.4.4.14, 9.4.4.16, 9.4.4.17, 9.4.4.18, 9.4.4.2, 9.4.4.20, 9.4.4.22, 9.4.4.24, 9.4.4.25, 9.4.4.28, 9.4.4.29, 9.4.4.32, 9.4.4.34, 9.4.4.36, 9.4.4.37, 9.4.4.5, 9.4.4.6, 9.4.4.8, 9.5.1, 9.5.1.109, 9.5.1.200, 9.5.1.201, 9.5.1.203, 9.5.1.4, 9.5.1.5, 9.5.2, 9.5.2.1, 9.5.2.10, 9.5.2.11, 9.5.2.14, 9.5.2.2, 9.5.2.200, 9.5.2.203, 9.5.2.204, 9.5.2.207, 9.5.2.208, 9.5.2.246, 9.5.2.5, 9.5.2.6, 9.5.3, 9.5.3.1, 9.5.3.2, 9.5.3.6, 9.6.0.128, 9.6.1, 9.6.1.10, 9.6.1.11, 9.6.1.12, 9.6.1.19, 9.6.1.3, 9.6.1.5, 9.6.2, 9.6.2.1, 9.6.2.11, 9.6.2.13, 9.6.2.16, 9.6.2.2, 9.6.2.21, 9.6.2.22, 9.6.2.3, 9.6.2.4, 9.6.2.7, 9.6.3, 9.6.3.11, 9.6.3.12, 9.6.3.14, 9.6.3.17, 9.6.3.20, 9.6.3.23, 9.6.3.24, 9.6.3.3, 9.6.3.8, 9.6.3.9, 9.6.4, 9.6.4.10, 9.6.4.12, 9.6.4.14, 9.6.4.17, 9.6.4.18, 9.6.4.20, 9.6.4.23, 9.6.4.24, 9.6.4.25, 9.6.4.29, 9.6.4.3, 9.6.4.30, 9.6.4.34, 9.6.4.36, 9.6.4.40, 9.6.4.41, 9.6.4.42, 9.6.4.45, 9.6.4.5, 9.6.4.6, 9.6.4.8, 9.7.1, 9.7.1.10, 9.7.1.15, 9.7.1.16, 9.7.1.19, 9.7.1.2, 9.7.1.21, 9.7.1.23, 9.7.1.24, 9.7.1.7, 9.7.1.8, 9.8.1, 9.8.1.5, 9.8.1.7, 9.8.2, 9.8.2.10, 9.8.2.11, 9.8.2.14, 9.8.2.15, 9.8.2.17, 9.8.2.20, 9.8.2.22, 9.8.2.24, 9.8.2.26, 9.8.2.28, 9.8.2.3, 9.8.2.33, 9.8.2.35, 9.8.2.38, 9.8.2.45, 9.8.2.8, 9.8.3, 9.8.3.11, 9.8.3.14, 9.8.3.16, 9.8.3.18, 9.8.3.21, 9.8.3.26, 9.8.3.29, 9.8.3.8, 9.8.4, 9.8.4.10, 9.8.4.12, 9.8.4.15, 9.8.4.17, 9.8.4.20, 9.8.4.22, 9.8.4.25, 9.8.4.26, 9.8.4.29, 9.8.4.3, 9.8.4.32, 9.8.4.33, 9.8.4.34, 9.8.4.35, 9.8.4.7, 9.8.4.8, 9.9.1, 9.9.1.2, 9.9.1.3, 9.9.1.4, 9.9.1.5, 9.9.2, 9.9.2.1, 9.9.2.14, 9.9.2.18, 9.9.2.235, 9.9.2.25, 9.9.2.27, 9.9.2.32, 9.9.2.36, 9.9.2.40, 9.9.2.47, 9.9.2.50, 9.9.2.52, 9.9.2.56, 9.9.2.59, 9.9.2.61, 9.9.2.66, 9.9.2.67, 9.9.2.74, 9.9.2.80, 9.9.2.83, 9.9.2.85, 9.9.2.9

Top Cisco Defects

No bugs this month

Ready to prevent the next vendor outage?

Change history

2024-10-31 Added: 9.0.1, 9.0.1.1, 9.0.1.2, 9.0.1.4, 9.0.2, 9.0.2.10, 9.0.2.12, 9.0.2.2, 9.0.2.6, 9.0.2.8, 9.0.2.9, 9.0.3, 9.0.3.1, 9.0.3.10, 9.0.3.3, 9.0.3.6, 9.0.3.8, 9.0.4, 9.0.4.1, 9.0.4.11, 9.0.4.13, 9.0.4.17, 9.0.4.2, 9.0.4.20, 9.0.4.23, 9.0.4.24, 9.0.4.26, 9.0.4.29, 9.0.4.33, 9.0.4.35, 9.0.4.37, 9.0.4.38, 9.0.4.39, 9.0.4.40, 9.0.4.42, 9.0.4.5, 9.0.4.7, 9.0.4.8, 9.0.4.9, 9.1.1, 9.1.1.2, 9.1.1.4, 9.1.1.7, 9.1.1.8, 9.1.2, 9.1.2.3, 9.1.2.5, 9.1.2.6, 9.1.2.8, 9.1.3, 9.1.3.2, 9.1.3.4, 9.1.4, 9.1.4.3, 9.1.4.5, 9.1.4.6, 9.1.5, 9.1.5.1, 9.1.5.10, 9.1.5.12, 9.1.5.16, 9.1.5.19, 9.1.5.2, 9.1.5.21, 9.1.5.3, 9.1.5.6, 9.1.5.7, 9.1.6, 9.1.6.1, 9.1.6.10, 9.1.6.11, 9.1.6.4, 9.1.6.6, 9.1.6.8, 9.1.7, 9.1.7.11, 9.1.7.12, 9.1.7.13, 9.1.7.15, 9.1.7.19, 9.1.7.20, 9.1.7.21, 9.1.7.23, 9.1.7.25, 9.1.7.29, 9.1.7.31, 9.1.7.4, 9.1.7.6, 9.1.7.7, 9.1.7.9, 9.2.1, 9.2.2, 9.2.2.4, 9.2.2.6, 9.2.2.8, 9.2.3, 9.2.3.3, 9.2.3.4, 9.2.4, 9.2.4.10, 9.2.4.13, 9.2.4.14, 9.2.4.17, 9.2.4.18, 9.2.4.2, 9.2.4.22, 9.2.4.24, 9.2.4.25, 9.2.4.27, 9.2.4.28, 9.2.4.33, 9.2.4.4, 9.2.4.5, 9.2.4.8, 9.3.1, 9.3.1.1, 9.3.2, 9.3.2.2, 9.3.2.200, 9.3.2.204

Links

Original Vendor Announcement

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise