End-of-Life (EoL)

PAN-OS 7.1.24 Addressed Issues

PAN-OS® 7.1.24 addressed issues
The following table lists the issues that are addressed in the PAN-OS® 7.1.24 release. For new features, associated software versions, known issues, and changes in default behavior, see PAN-OS 7.1 Release Information. Before you upgrade or downgrade to this release, review the information in Upgrade to PAN-OS 7.1.
Starting with PAN-OS 7.1.5, all unresolved known issues and any newly addressed issues in these release notes are identified using new issue ID numbers that include a product-specific prefix. Issues addressed in earlier releases and any associated known issue descriptions continue to use their original issue ID.
Issue ID
A security-related fix was made to address the Netflix Linux kernel TCP SACK vulnerability (PAN-SA-2019-0013 / CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, and CVE-2019-5599).
A security-related fix was made to address an issue where the php-debug log incorrectly displayed non-sanitized data (PAN-SA-2019-0019 / CVE-2019-1575).
A security-related fix was made to address a use-after-free (UAF) vulnerability in the Linux kernel (PAN-SA-2019-0017 / CVE-2019-8912).
Fixed an issue where a race condition caused a process (
) to restart with an error message:
Connecting to managementserver failed
Fixed an intermittent issue where an IKE manager memory leak caused the firewall to stop responding.
Fixed an intermittent issue where the firewall dropped packets when the policy rule was set to allow but denied the packets during a commit or high availability (HA) sync.
A security-related fix was made to address an issue where you were unable to retrieve GlobalProtect™ cloud service threat packet captures from the Logging Service on Panorama M-Series and virtual appliances.
Fixed memory issues on Palo Alto Networks hardware and virtual appliances that caused intermittent management plane instability.
PA-5000 Series firewalls only
) Fixed an issue where extra byte (1 to 7) padding were appended to the initial SYN and UDP packets, which caused the server to stop responding.
A security-related fix was made to address cleartext passwords and keys that were visible in the logs for XML API calls (PAN-SA-2019-0019 / CVE-2019-1575).
Fixed an issue where the
show config audit base-version
command continuously increased the number of file descriptors and caused the management server to exit and restart.
Fixed an issue on an M-100 appliance in an HA configuration where administrators could not reestablish access to the appliance after a session ended unexpectedly.
Fixed an issue where simultaneous management access allowed only one user to log in at a time.
Fixed an issue where commits failed when a Panorama appliance running a PAN-OS 8.0 release pushed a template to a firewall running a PAN-OS 7.1 release due to file size limits.

Recommended For You