1. Home
    2. PAN-OS
    3. PAN-OS® Release Notes
    4. PAN-OS 9.0 Addressed Issues
    5. PAN-OS 9.0.15 Addressed Issues
    End-of-Life (EoL)

    PAN-OS 9.0.15 Addressed Issues

    PAN-OS® 9.0.15 addressed issues.
    Issue ID
    Description
    PAN-184592
    A fix was made to address a remote code execution vulnerability in Elasticsearch included with Panorama management servers known as Log4Shell (CVE-2021-44228).
    PAN-183767
    Fixed an issue where downloading Dynamic Updates files failed when connected to the static update server at
    us-static.updates.paloaltonetworks.com
    .
    PAN-179581
    Fixed an issue on firewalls in high availability (HA) configurations where a process (brdagent) stopped responding on a suspended active peer, which caused the suspended firewall to continue sending traffic.
    PAN-174055
    Fixed an issue where SNMP readings reported as 0 for dataplane interface packet statistics for Amazon Web Services (AWS) m5n.4xlarge instance types. This issue occurred because the physical port counters read from MAC addresses were reported as 0.
    PAN-173978
    Fixed an issue where the Elasticsearch process continuously restarted if zero-length files were present.
    PAN-172783
    Fixed an issue on an HA active/passive configuration where old (GPRS tunneling protocol) GTP-U tunnel sessions did not sync to the passive firewall during some upgrades, such as upgrading from a PAN-OS 8.1 release version to a 9.0 release version or upgrading from a 9.0 release version to a 9.1 release version.
    PAN-172490
    Fixed an issue on firewalls in HA configuration where HA-2 links continuously flapped on HSCI interfaces after upgrading to PAN-OS 8.1.19.
    PAN-172243
    Fixed an issue where NetFlow traffic triggered a packet buffer leak.
    PAN-171203
    Fixed an issue in an HA configuration where, when one firewall was active and its peer was in a suspended state, the suspended firewall continued to send traffic, which triggered the detection of duplicate MAC addresses.
    PAN-170825
    Fixed an issue where, when a partial
    Preview Change
     job failed, a process (configd) stopped responding.
    PAN-170595
    Fixed an issue with Content and Threat Detection where traffic patterns created a bus error, which caused the all_pktproc process to stop responding and the dataplane to restart.
    PAN-166299
    (
    PA-3000 Series firewalls only
    ) Fixed an issue where Server Message Block (SMB) sessions failed due to resource unavailability.
    PAN-166180
    Fixed an issue where SNMPV3 traps were not processed by the
    snmptrap
     receiver after a firewall reboot.
    PAN-161496
    Fixed an issue when calculating the incremental checksum after a post-NAT translation where the arguments to
    pan_in_cksm32_diff
     overflowed the 32-bit integer.
    PAN-160708
    Fixed an issue where the dataplane restarted after configuring a
    deny_all
     policy.
    PAN-160238
    Fixed an issue where intermittent VXLAN packet drops occurred if the TCI was not configured for inspecting VXLAN traffic. This issue occurred when traffic was migrated from a firewall running a PAN-OS version earlier than PAN-OS 9.0 to a firewall running PAN-OS 9.0 or later.
    PAN-158280
    Fixed an issue where SMB session were discarded with the following error message:
    ctd out of resource
    .
    PAN-157730
    Fixed an issue where, after a firewall reboot, a commit or auto-commit operation failed with the following error message:
    ID population failed
    . This issue occurred because the Phase1 ID assignment failure did not trigger an idmgr reset.
    PAN-157725
    Fixed an issue on firewalls where URL category responses were not processed by the dataplane in a timely fashion, which adversely affected web-browsing traffic.
    PAN-157632
    Fixed an intermittent issue where the firewall dropped GTP-U traffic with the message
    TEID=0x00000000
    .
    PAN-154526
    Fixed an issue where a process (genindex.sh) caused high memory usage on the management plane. Due to the resulting out-of-memory (OOM) condition, multiple processes stopped responding.
    PAN-154433
    Fixed an issue where the firewall was unable to detect end-user IP address spoofing on the GTP-U for a user data session when using an IPv6 address.
    PAN-150097
    Fixed an issue where hourly URL summary log generation failed.
    PAN-147256
    (
    Firewalls in HA configurations only
    ) Fixed an issue where connections to the SafeNet hardware security module (HSM) were lost after upgrading to a new major PAN-OS release.
    PAN-141454
    Fixed an issue where the output of the CLI command
    show running resource-monitor ingress-backlogs
     displayed an incorrect total utilization value.
    PAN-128634
    A debug command was added to provide more verbose output when troubleshooting packet processing on the firewall.
    PAN-113093
    Fixed an intermittent issue where, when the DNS Security cloud was not reachable, DNS responses had bad UDP checksums.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo