...
BugZero updated this defect 20088 days ago.
The earliest recollection of this bug is traced back to PAN-OS 8.1.18 - January 09, 2024. This bug is fixed in PAN-OS versions 8.1.18, 9.1.5. A fix was made to address a vulnerability where Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5200 Series, and PA-7000 Series firewalls were not cleared before the data frame was created ( CVE-2021-3031 ). For more information: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-release-notes/pan-os-8-1-addressed-issues/pan-os-8-1-18-addressed-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-addressed-issues/pan-os-9-1-5-addressed-issues
8.95
Fixed an issue wherer DNS proxy TCP connections were processed incorrectly, which caused a process (`dnsproxy`) to stop responding.8.95
Fixed an issue where, in two separate but simultaneous sessions, the same software packet buffer was owned and processed.8.95
Fixed an issue where the dataplane restarted repeatedly after a reboot due to an internal path monitoring failures until a power cycle.9.5
Fixed an intermittent issue where the presence of an Anti-Spyware profile in a Security policy rule that matched DNS traffic caused DNS responses to be malformed in transit.8.95
Fixed an issue where the management CPU remained at 100% due to a large number of configured User-ID agents.