Leap Second bug


Could someone please confirm, or direct me to the right person, whether Extreme products are affected by the Leap Second bug?

13 replies

Userlevel 7
Hi - Thanks for the question!
I just wanted to let you know that we're looking into this and I'll get back to you as soon as there is more information to share.
hello,

I received by Extreme Networks:

"

Linux kernel versions from 2.6.26 to 3.3 (inclusive) are vulnerable to a deadlock condition in the handling of leap second adjustments provided provided through NTP. The next leap second adjustment is going to occur on June 30th, 2015, and there is potential for this to cause Linux-based Extreme Networks products to crash/hang.

What is a leap second ? http://www.nist.gov/pml/div688/leapseconds.cfm

"

http://learn.extremenetworks.com/rs/extreme/images/VN-2015-002-Leap_Second.pdf
Does anyone know when XOS 16.2.1 will be released?
Userlevel 7
Nobel wrote:

Does anyone know when XOS 16.2.1 will be released?

This question should be posted in its own topic.

Please reference the new conversation here: When will EXOS 16.2 be released?
Hello,
I would ask this question specifically for the "C" and "S" series switches. Are they affected and where will this information be published. June 30 is quickly approaching and plans for upgrades or possible outages needs to be put in place as early as possible.
thnks in advance
Userlevel 7
Walt Witkowski wrote:

Hello,
I would ask this question specifically for the "C" and "S" series switches. Are they affected and where will this information be published. June 30 is quickly approaching and plans for upgrades or possible outages needs to be put in place as early as possible.
thnks in advance

Hi Walt,
The C and S series switches have been reviewed and were found to not be vulnerable to the Leap Second bug because they aren't Linux based platforms. You can find this information in the link mentioned above, reposted here for convenience: http://learn.extremenetworks.com/rs/extreme/images/VN-2015-002-Leap_Second.pdf

If you've got other questions, let us know! I/we will be happy to answer them.

-Drew
Userlevel 2
Does the leap second affect users of sntp as well or just ntp?
Userlevel 7
Since it was asked and then removed, I'll go ahead and mention...
Switches running SNTP aren't subject to this issue because leap seconds don't receive special handling under the SNTP protocol.
Reference: https://gtacknowledge.extremenetworks.com/articles/Q_A/Are-Extreme-Networks-products-vulnerable-to-VN-2015-002-Leap-Second/
Userlevel 2
LEAP SECOND REMINDER: the next adjustment will be on June 30, 2015.
For Extreme product vulnerability and recommendations, please view: http://learn.extremenetworks.com/rs/extreme/images/VN-2015-002-Leap_Second.pdf
I have XOS switches running and it will definetly be affected. However, I confirgured SNTP on my switches. Please confrim and eleborate if I will be affectted by this leap second issue.
Thanks in advance.
Userlevel 7
Judith Mamba wrote:

I have XOS switches running and it will definetly be affected. However, I confirgured SNTP on my switches. Please confrim and eleborate if I will be affectted by this leap second issue.
Thanks in advance.

Please see my post slightly above this one. SNTP is not affected.
Userlevel 3
hi all,

Is it going to happen again in end of December 2016???

Please advise. Thanks.
Userlevel 5
Hi All,

The above query has been taken care in the below-mentioned thread.

https://community.extremenetworks.com/extreme/topics/leap-second-security-vulnerability-urgent-atten...

Reply