PAN-OS 11.2.4-h9 Addressed Issues
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
-
-
-
-
-
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
-
- PAN-OS 12.1
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 10.2
- PAN-OS 10.1
PAN-OS 11.2.4-h9 Addressed Issues
PAN-OSĀ® 11.2.4-h9 addressed issues.
Issue ID
|
Description
|
---|---|
PAN-290239
|
(PA-455 firewalls in active/passive high availability (HA)
configurations only) Fixed an issue where, after an
upgrade, the TCP session for syslog forwarding did not resume after
the syslog server service was disabled and then re-enabled, which
caused logs to be dropped. This occurred when the syslog server was
down for more than 16 minutes.
|
PAN-289102
|
(PA-7500 Series, PA-5410, PA-5420, PA-5430, PA-5440, PA-5445,
PA-3400 Series, PA-1400 Series, PA-400 Series, VM-Series, and
CN-Series firewalls only) Fixed a race condition issue
related to predict processing, which resulted in a dataplane restart
and traffic loss.
|
PAN-287002
|
A fix was made to address CVE-2025-0133.
|
PAN-285894
|
Fixed an issue where the all_task process stopped
responding, which caused the firewall to reboot unexpectedly, and
traffic failures occurred.
|
PAN-285651
|
(Panorama appliances in active/passive HA configurations on
Microsoft Azure environments only) Fixed an issue on
Panorama that caused firewalls to disconnect unexpectedly.
|
PAN-285590
|
(VM-Series firewalls on Amazon Web Services (AWS) GWLB
environments only) Fixed an issue where the firewall CPU
usage reached 100% after upgrading to PAN-OS 11.1.6-h1.
|
PAN-284066
|
Fixed an issue where, after an upgrade, the SNMP polled values for
IF-MIB::ifInErrors displayed a high
number of errors that did not match the values in the CLI show
interface command.
|
PAN-283789
|
(Firewalls in HA configurations only) Fixed an issue where,
after an upgrade, the mac receive error
counter in receive incoming errors increased,
which resulted in SNMP alerts.
|
PAN-283467
|
(PA-3400 Series firewalls only) Fixed an issue where the
firewall unexpectedly rebooted and entered maintenance mode due to a
ctd-agent out-of-memory (OOM) condition. This occurred during
advanced services load testing and a high volume of IoT EAL log
forwarding.
|
PAN-283331
|
Fixed an issue where selective pushes to managed devices failed when
the User ID Master Device was configured.
|
PAN-282069
|
Fixed an issue on Panorama where Security policy rules were removed
from device groups when you cloned or edited Security policy rules
that used more than 63 characters.
|
PAN-280532
|
Fixed an issue where, after disabling and re-enabling the external
syslog server, the TCP session was not resumed, which caused all
logs that were forwarded to the syslog server to be dropped.
|
PAN-279621
|
Fixed an issue where processes stopped responding when HTTPS Forward
traffic was run.
|
PAN-275077
|
Fixed an issue where DNS Security intermittently logs malicious
domain URLs as Alert instead of taking a Sinkhole action, even when
configured to Sinkhole malicious DNS domains.
|
PAN-274570
|
Fixed an issue where the devsrvr process restarted after
a failed commit due to an invalid memory access.
|
PAN-274314
|
(PA-1400 Series, PA-3400 Series, and PA-5400 Series firewalls
only) Fixed an issue where, when the pan_task
process restarted, control plane packets were dropped, which could
impact LACP and pings to host interfaces.
|
PAN-272006
|
Fixed an issue where the firewall did not trigger a kernel core dump
as a large core when the CPLD (Complex Programmable Logic Device)
sent a Non-Maskable Interrupt (NMI) to the CPU.
|
PAN-271913
|
Fixed an issue on firewalls in HA configurations where, when using
the Cloud Identity Engine (CIE), the firewall experienced consistent
memory leaks on the active firewall, which caused unexpected
failovers.
|
PAN-271273
|
Fixed an issue where dynamic update downloads failed when
IPv6 firewalling was enabled on the
firewall and both IPv4 and IPv6 were configured on the management
interface.
|
PAN-270379
|
Fixed an issue where socket files created in the /tmp directory were
not cleared.
|
PAN-269052
|
Fixed an issue where traffic was blocked by a URL filtering profile
even though the Security policy rule did not have a URL filtering
profile configured.
|
PAN-269027
|
Fixed an issue related to external dynamic lists that caused commit
times on the firewall to be higher than expected.
|
PAN-268708
|
Fixed an issue where PDF summary and email reports displayed IPv6
addresses instead of IPv4 addresses.
|
PAN-268705
|
Fixed an intermittent issue where the firewall failed to process FTP
traffic after upgrading to PAN-OS 10.1.14.
|
PAN-268127
|
Fixed an issue where tagging devices in Panorama did not work as
expected.
|
PAN-267444
|
Fixed an issue where large file downloads or uploads failed or
remained in an incomplete state when using DLP HTTP2 mirror mode.
|
PAN-266900
|
Fixed an issue on the Panorama web interface where you were unable to
click OK after selecting an install package
type and file from the dropdown and selecting a firewall.
|
PAN-265745
|
Fixed an issue where the firewall displayed incorrect MAC receive
error counters for VMWare devices hosted in ESXi.
|
PAN-263973
|
Fixed an issue where log collectors had a low incoming log rate.
|
PAN-261825
|
Fixed an issue where traffic was dropped when Data Loss Prevention or
Advanced URL Filtering were enabled. This occurred when the payload
size was greater than 3.5 KB.
|
PAN-261673
|
(VM-Series firewalls on Microsoft Azure environments only)
Fixed an issue where, when Accelerated Networking was enabled,
traffic was dropped because of the
flow_parse_ip_hdr counter related
to an Nvidia driver issue.
|
PAN-261429
|
Fixed an issue where the show auth
radius-require-msg-authentic CLI command
displayed no output.
|
PAN-259706
|
Fixed an issue on Panorama where the web interface was slower than
expected or unresponsive when monitoring definitions were added in
the Kubernetes plugin.
|
PAN-258680
|
Fixed an issue on Panorama where, when you removed Security profile
groups from a Security policy rule via the CLI and committed the
change, the Security policy rule was deleted.
|
PAN-257267
|
(VM-Series firewalls only) Fixed an issue where a warning
message was displayed after a commit, and a critical system log was
generated when the configuration size exceeded the maximum size.
|
PAN-255619
|
Fixed an intermittent issue where file downloads from websites failed
when decrypting HTTP/2 traffic.
|
PAN-254901
|
Fixed an issue where GlobalProtect user-to-IP address mapping was
removed even though the tunnel for the specific user was up and
traffic was being passed.
|
PAN-252669
|
Fixed an issue where the ikemgr process stopped
responding with a SIGSEGV error.
|