Resolved Issues in ExtremeXOS 16.2.4

The following issues were resolved in ExtremeXOS 16.2.4. ExtremeXOS 16.2.4 includes all fixes up to and including ExtremeXOS 11.6.5.3, and earlier, ExtremeXOS 12.0.5, ExtremeXOS 12.1.7, ExtremeXOS 12.2.2-patch1-12, ExtremeXOS 12.3.6, ExtremeXOS 12.4.5, ExtremeXOS 12.5.5, ExtremeXOS 12.6.3, ExtremeXOS 12.6.5, ExtremeXOS 12.7.1, ExtremeXOS 15.1.5, ExtremeXOS 15.2.4, ExtremeXOS 15.3.3, ExtremeXOS 15.4.1, ExtremeXOS 15.5.1, ExtremeXOS 15.5.2, ExtremeXOS 15.6.1, ExtremeXOS 15.6.2, ExtremeXOS 15.7.1, ExtremeXOS 16.1, ExtremeXOS 16.1.2, ExtremeXOS 16.1.3, ExtremeXOS 16.2, ExtremeXOS 16.2.2, and ExtremeXOS 16.2.3. For information about those fixes, see the release notes for the specific release.

Table 1. Resolved Issues, Platform-Specific, and Feature Change Requests (CRs) in ExtremeXOS 16.2.4
CR Number Description
General
xos0068002 File system check of /dev/hda8 failed error occurs during switch power cycle after “manufacture-init”.
xos0068086 The command show port transceiver/configuration does not display information for certain (manufactured in 2014) FINISAR optics (40GBase-SR4).
xos0068687 Multicast traffic sent to host randomly stops after enabling OnePolicy with PVID 4095.
xos0068840 NetLogin process ends unexpectedly with signal 11, when client sends logoff message before completing the authentication process.
xos0068888 When the command show tech-support all detail is executed after running "enable cli-config-logging", messages beginning with "serial unknown" appear in the log. This issue also occurs when executed from a Telnet session.
xos0069051 After 65,000 new FDB entries are learned, subsequent entries are continuously added and deleted.
xos0069061 Exsshd process ends unexpectedly with signal 11 during stack failover.
xos0069114 The show configuration command output displays additional word "minutes" under "aaa" module when lockout-time-period is configured.
xos0069150 In the output of the show vlan command, ports can have both "!" and "*" flags set if the port is a share group port.
xos0069180 Cannot configure some IP security features after removing and adding ports from VLANs.
xos0069196 Inconsistent port learning flag was seen in HAL with PVLAN and MLAG configuration.
xos0069210 Unable to create private VLAN with 32-character name if the first 31 characters match an existing private VLAN name.
xos0067515 VPWS traffic forwarding stops after performing failover in the switch.
xos0067587 When running show tech-support command with user-created VRs, show configuration command does not display full configuration.
xos0069262 Kernel oops occurs due to incorrect calculation of physical address.
Summit X770 Series Switches
xos0069487 HAL process ends unexpectedly with signal 6 when switch boots up with PTP configurations.
Security
xos0069140
The following are ExtremeXOS vulnerabilities due to scripting allowed when in FIPS mode:
  • Escape from EXSH restricted shell (CVE-2017-14331)
  • Information disclosure (CVE-2017-14327)
  • Privilege Escalation (root interactive shell) (CVE-2017-14329)
  • Privilege Escalation (root interactive shell) (CVE-2017-14330)
The following are additional ExtremeXOS vulnerabilities:
  • Denial-of-service (CVE-2017-14328).
  • Session hijacking (CVE-2017-14332).

For more information about these vulnerabilities, see Vulnerability Notice.