Leap Second bug

  • 0
  • 3
  • Question
  • Updated 2 years ago
  • Answered
Could someone please confirm, or direct me to the right person, whether Extreme products are affected by the Leap Second bug?
Photo of waqas

waqas

  • 350 Points 250 badge 2x thumb

Posted 4 years ago

  • 0
  • 3
Photo of Drew C.

Drew C., Community Manager

  • 40,816 Points 20k badge 2x thumb
Hi - Thanks for the question!
I just wanted to let you know that we're looking into this and I'll get back to you as soon as there is more information to share.
Photo of egtrainer

egtrainer

  • 144 Points 100 badge 2x thumb

hello,

I received by Extreme Networks:

"

Linux kernel versions from 2.6.26 to 3.3 (inclusive) are vulnerable to a deadlock condition in the handling of leap second adjustments provided provided through NTP. The next leap second adjustment is going to occur on June 30th, 2015, and there is potential for this to cause Linux-based Extreme Networks products to crash/hang.

What is a leap second ? http://www.nist.gov/pml/div688/leapseconds.cfm

"

http://learn.extremenetworks.com/rs/extreme/images/VN-2015-002-Leap_Second.pdf

 

 

Photo of Nobel

Nobel

  • 282 Points 250 badge 2x thumb
Does anyone know when XOS 16.2.1 will be released?
Photo of Drew C.

Drew C., Community Manager

  • 40,796 Points 20k badge 2x thumb
This question should be posted in its own topic.

Please reference the new conversation here: When will EXOS 16.2 be released?
(Edited)
Photo of Walt Witkowski

Walt Witkowski

  • 436 Points 250 badge 2x thumb
Hello,
I would ask this question specifically for the "C" and "S" series switches.  Are they affected and where will this information  be published.  June 30 is quickly approaching and plans for upgrades or possible outages needs to be put in place as early as possible.
thnks in advance
Photo of Drew C.

Drew C., Community Manager

  • 40,796 Points 20k badge 2x thumb
Hi Walt,
The C and S series switches have been reviewed and were found to not be vulnerable to the Leap Second bug because they aren't Linux based platforms.  You can find this information in the link mentioned above, reposted here for convenience:  http://learn.extremenetworks.com/rs/extreme/images/VN-2015-002-Leap_Second.pdf

If you've got other questions, let us know!  I/we will be happy to answer them.

-Drew
Photo of Drew C.

Drew C., Community Manager

  • 40,816 Points 20k badge 2x thumb
Since it was asked and then removed, I'll go ahead and mention...
Switches running SNTP aren't subject to this issue because leap seconds don't receive special handling under the SNTP protocol.
Reference:  https://gtacknowledge.extremenetworks.com/articles/Q_A/Are-Extreme-Networks-products-vulnerable-to-VN-2015-002-Leap-Second/
Photo of Weidle, Bert

Weidle, Bert, Alum

  • 534 Points 500 badge 2x thumb
LEAP SECOND REMINDER:  the next adjustment will be on June 30, 2015.
For Extreme product vulnerability and recommendations, please view:    http://learn.extremenetworks.com/rs/extreme/images/VN-2015-002-Leap_Second.pdf 
Photo of Judith Mamba

Judith Mamba

  • 60 Points
I have XOS switches running and it will definetly be affected. However, I confirgured SNTP on my switches. Please confrim and eleborate if I will be affectted by this leap second issue.
Thanks in advance.
Photo of Drew C.

Drew C., Community Manager

  • 40,796 Points 20k badge 2x thumb
Please see my post slightly above this one. SNTP is not affected.
Photo of Paul

Paul

  • 2,026 Points 2k badge 2x thumb
hi all,

Is it going to happen again in end of December 2016???

Please advise. Thanks.
Photo of Vellachery, Sumeesh

Vellachery, Sumeesh, Employee

  • 3,288 Points 3k badge 2x thumb
Hi All,

The above query has been taken care in the below-mentioned thread.

https://community.extremenetworks.com/extreme/topics/leap-second-security-vulnerability-urgent-atten...
(Edited)