iTnews Asia
  • Home
  • News
  • Security

Cisco fixes mystery orchestrator crashes

Cisco fixes mystery orchestrator crashes

Hunts down and plugs memory leak.

By Richard Chirgwin on Sep 2, 2022 3:00PM

Enterprises using Cisco’s Network Services Orchestrator (NSO) software seeing mystery crashes now have a solution.

NSO is a multivendor system that links network automation and orchestration tools with the underlying physical and virtual infrastructure, with applications in enterprise and service provider environments.

In a recent field notice, the networking giant discovered a process in the software that causes a resources leak and eventual crash – and the time between crashes depends only on the resources allocated to the software.

It affects twenty versions of NSO 5, from 5.6 to 5.8.2.

The problem is that an API called cbd-diff-iterate is available to subscribers, but also used internally by Cisco for licensing and notification purposes.

“This affects customers who use Smart Licensing, use notification-kicker, or directly call the API through C, Python, Java, or econfd. 

“Any change under /kickers/notification-kicker or /devices/device will trigger an internal subscription, which leads to the leak”, Cisco’s field notice explained.

The internal subscribers cannot be disabled. 

“Once enough transactions have been performed, the Cisco NSO process will get terminated due to exhausting all available resources … The number of transactions that can be performed before termination will depend on the resources allocated to Cisco NSO,” Cisco explained.

Three versions have been released to fix the issue: NSO 5.6.7.1, 5.7.5.1, and 5.8.2.1.

For admins that can’t yet install the upgrades, Cisco recommends regular restarts.

 

To reach the editorial team on your feedback, story ideas and pitches, contact them here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
api automation cisco network services orchestrator nso security software

Related Articles

  • How can the Agentic AI workspace remain secure for APAC organisations?
  • AI-fuelled attacks forcing enterprises to rethink security architecture
  • Malicious AI agents can severely disrupt APAC enterprises
  • A data-first AI strategy is critical to managing security threats in 2026
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

How can the Agentic AI workspace remain secure for APAC organisations?

How can the Agentic AI workspace remain secure for APAC organisations?

AI-fuelled attacks forcing enterprises to rethink security architecture

AI-fuelled attacks forcing enterprises to rethink security architecture

Malicious AI agents can severely disrupt APAC enterprises

Malicious AI agents can severely disrupt APAC enterprises

Identity is now the new cybersecurity battlefield

Identity is now the new cybersecurity battlefield

All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of Lighthouse Independent Media's Privacy Policy and Terms & Conditions.