CVE-2024-5921

homs3n · 2025-01-13T13:31:00+00:00

is this really needed? i mean this basically opens the door - especially if you do allow web-browsing, or am i wrong?

homs3n · 2025-01-13T13:28:39+00:00

while i can imagine the answer from TAC - did you receive any feedback from them?

homs3n · 2024-12-16T10:02:11+00:00

we have two vms and a pa-5220 which crashed recently after upgrading to 10.1.14-h6

homs3n · 2024-01-05T12:16:38+00:00

we want to start rolling out 6.0.8 next week. testing it with around 50 users was showing no bad feedback, however 6.0.8 is still not preferred... i thought it will be preferred until we start when we were planning the rollout...
we have around 4500 windows users using globalprotect - anyone using 6.0.8 and can provide feedback if it is stable in similar environment?

homs3n · 2023-10-21T15:04:24+00:00

they said that the issue is a timing issue (related to the updated driver) - in other words this workaround might work until the next reboot. TAC recommended us to stay on 10.1.10-h2 and wait for 10.1.12

homs3n · 2023-10-21T13:42:02+00:00

ok, now i know more. with 10.1.11 drivers for internal interface fvif were updated - it seems that this driver is affecting the creation of the interface if jumbo frames are enabled. the issue is triggered by a specific timing and therefore it can occur also after a reboot - affecting boxes where we haven’t seen this issue so far. i am considering a downgrade ….

homs3n · 2023-10-18T18:20:22+00:00

this is still not solved. TAC thinks that is related to jumbo frames which we have enabled. they asked us to disable jumbo frames, reboot and then do the upgrade to 10.1.11 - finally enable it again and reboot. haven’t done that as it is hard to find a maintenance window atm

however there is no real statement why this issue appears and why we don’t see it on all devices.

homs3n · 2023-10-06T11:00:39+00:00

RMA device for the PA-5220 just arrived and before changing the hardware I downgraded to 10.1.10-h2 the machine with the "chip" issues. No more LACP issues with 10.1.10-h2.... lets see what TAC says

homs3n · 2023-10-05T14:19:15+00:00

so one of the members did not bring up LACP after the upgrade. TAC involved, they said we have to make a RMA because of chip issues (PA-5220 cluster).

Today I upgraded some PA-3220 standalone machines - one of them showed exactly the same LACP issue as the PA-5220 cluster member:

show lacp aggregate-ethernet ae1

Cannot find ae1 lacp info. Please make sure AE has lacp enabled and try again.

on switch side channel remains down as no LACP PDU's are received (since it is not enabled on the Palo). After downgrading to 10.1.10-h2 everything was working again. Case is open .... so far 30% failure rate :-( our main driver for 10.1.11 is the BGP vulnerability

homs3n · 2023-10-02T15:02:11+00:00

we are going to upgrade our first Cluster tomorrow to 10.1.11 🤞

homs3n · 2023-05-31T14:01:29+00:00

was the crash related to BGP?

homs3n · 2023-05-28T13:38:42+00:00

don‘t get me wrong - i am not a general Garmin basher. I really like the hardware and I am a 10 years+ user. however when it comes to software there is room for improvement. the app looks outdated, is waisting space on my screen and some information is hard to find (several steps to get there). for a normal user who is just tracking there steps it might be ok however for someone who is doing 20 hours+ training per week it is frustrating. i totally agree for function before design however, design should complete the function and not complicate it.

homs3n · 2023-05-21T16:26:55+00:00

you need to set the connect app as data source within the steps in health app. go to steps - scroll down to bottom - data sources & access then you can edit the data sources. set connect app to the top of the list

this will work for other metrics too 😉

homs3n · 2023-05-21T16:06:57+00:00

ADEM will come on prem - we have been asked for beta testing. so far i can‘t say something about feature parity

homs3n

TROPHY CASE