Operational Defect Database
BugZero updated this defect 3 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Palo Alto Networks | PAN-195541
When a DNS request is submitted to the DNS Security service for inspection, the dataplane pan-task process (all_pktproc) might fail during the DNS request process, or when the dataplane cache is reset, or if the cache output is generated through the CLI, resulting in firewall crashes or the inability/reduced capability to process network traffic. The following CLI commands can trigger a crash of the all_pktproc process: debug dataplane reset dns-cache all debug dataplane show dns-cache print show dns-proxy dns-signature cache clear dns-proxy dns-signature cache
Last update date:
5/16/2024
Affected products:
Pan OS
Affected releases:
10.2.3
10.2.2
Fixed releases:
No fixed releases provided.
Description:
The earliest recollection of this bug is traced back to PAN-OS 10.2.2 - May 16, 2024. When a DNS request is submitted to the DNS Security service for inspection, the dataplane pan-task process (all_pktproc) might fail during the DNS request process, or when the dataplane cache is reset, or if the cache output is generated through the CLI, resulting in firewall crashes or the inability/reduced capability to process network traffic. The following CLI commands can trigger a crash of the all_pktproc process: debug dataplane reset dns-cache all debug dataplane show dns-cache print show dns-proxy dns-signature cache clear dns-proxy dns-signature cache For more information: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-2-known-and-addressed-issues/pan-os-10-2-2-known-issues https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-3-known-and-addressed-issues/pan-os-10-2-3-known-issues
