| Reference Number | Related Article |
Found In |
Fixed In |
Issue Description |
| DXLM-3845 | SB10287 | 4.0.0 | DXL 4.0.0 Hotfix 10 DXL 4.1.2 Hotfix 4 |
Issue: CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 regarding Linux kernel TCP Sad SACK vulnerability. CVE-2019-11477 - The TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). CVE-2019-11478 - The TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. CVE-2019-11479 - The Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. |
| 1270387 | SB10272 SB10258 |
4.0.0 | DXL 4.0.0 Hotfix 9 DXL 4.1.2 Hotfix 3 |
Issue: CVE-2019-3598 and CVE-2018-6703 regarding vulnerabilities with McAfee Agent on McAfee Linux Operating System (MLOS). For more information, see the related articles. |
| 1262486 | SB10266 | 4.0.0 | DXL 4.0.0 Hotfix 9 DXL 4.1.2 Hotfix 1 DXL 5.0.1 |
Issue: CVE-2018-0737 regarding an OpenSSL RSA Key generation algorithm vulnerability. For more information, see the related article. |
| 1270186 | SB10279 | 4.0.0 | DXL 4.0.0 Hotfix 9 DXL 4.1.2 Hotfix 3 |
Issue: CVE-2019-3612 regarding information disclosure vulnerability. For more information, see the related article. |
| 1262141 | - | 4.1.0 | DXL 4.1.2 Hotfix 1 |
Issue: After an upgrade, multiple dxlsetup.exe processes are found running that never close. |
| 1259156 | - | 4.0.0 | DXL 4.1.2 Hotfix 1 DXL 4.0.0 Hotfix 8 |
Issue: CVE-2018-15473 regarding an OpenSSH vulnerability. |
| 1254598 | - | 4.1.0 | DXL 4.1.2 Hotfix 1 DXL 4.0.0 Hotfix 8 |
Issue: Security fixes for the DXL Broker MLOS platform, for vulnerabilities related to CVE-2018-5390 and CVE-2018-5391. |
| 1228079 | KB90301 | DXL 4.1.1 ENS 10.6 |
ENS 10.7 DXL 4.1.1 Repost |
Issue: Blue screen (system crash) occurs when:
|
| 1240830 | - | 4.0 | 4.1.1 Repost |
Issue: An update of kernels on an Oracle virtual machine server results in the failure of the system to boot. |
| 1236251 | KB90036 | 4.x | n/a | Issue: Unable to check DXL platform.zip package into the ePolicy Orchestrator (ePO) repository. Orion.log records the following error:
com.mcafee.orion.core.servlet.SizeLimitExceededException: org.apache.tomcat.util.http.fileupload.FileUploadBase$SizeLimit
Resolution: See the related article.ExceededException: the request was rejected because its size (282533025) exceeds the configured maximum (262144000) |
Data Exchange Layer 4.x Known Issues
Technical Articles ID:
KB89741
Last Modified: 9/10/2019
Last Modified: 9/10/2019
Environment
McAfee Data Exchange Layer (DXL) 4.x
Summary
Recent updates to this article:
Product release information
GA - General Availability
n/a - not available
1 DXL 4.1.1 was pulled from the Product Downloads site on August 16, 2018. See reference 1228079 in the "Critical known issues" section for more details.
Contents
Click to expand the section you want to view:
n/a = not applicable
n/a = not applicable
Back to top
| Date | Update |
| September 10, 2019 | Added the issues resolved in DXL 4.0.0 Hotfix 10 (RTS) and DXL 4.1.2 Hotfix 4 (RTS): DXLM-3845. |
| May 7, 2019 | Added DXL 4.0.0 Hotfix 9 for the reference numbers: 1262486, 1270186, 1270387. |
| April 9, 2019 | Added the issues resolved in DXL 4.1.2 Hotfix 3 (General Availability release): 1270186, 1270387, and 1270407. Added a reference to a Security Bulletin for the issue 1270186. |
| March 20, 2019 | Link to KB90499 (unpublished) changed to KB90036 (consolidated content). |
| March 12, 2019 | Added the issues resolved in DXL 4.1.2 Hotfix 2 (Release to Support): 1266922 1265827 and 1266219. |
To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.
Product release information
| DXL Version | Release Date | Release Notes |
| DXL 4.1.2 Hotfix 4 (RTS) | September 10, 2019 | – |
| DXL 4.1.2 Hotfix 3 (GA) | April 9, 2019 | PD28305 |
| DXL 4.1.2 Hotfix 2 (RTS) | March 12, 2019 | – |
| DXL 4.1.2 Hotfix 1 (GA) | January 23, 2019 | PD28173 |
| DXL 4.1.2 (GA) | November 13, 2018 | PD28067 |
| DXL 4.1.1.123 (Repost) | September 11, 2018 | PD27889 |
| DXL 4.1.1.113 (GA) 1 | August 7, 2018 (no longer available) | n/a |
| DXL 4.1.0 Hotfix 1 | May 31, 2018 | PD27789 |
| DXL 4.1.0 (GA) | April 24, 2018 | PD27560 |
| DXL 4.0.0 Hotfix 10 (RTS) | September 10, 2019 | – |
| DXL 4.0.0 Hotfix 9 (GA) | May 7, 2019 | PD28307 |
| DXL 4.0.0 Hotfix 8 (GA) | November 13, 2018 | PD28085 |
| DXL 4.0.0 Hotfix 7 | July 23, 2018 | PD27814 |
| DXL 4.0.0 Hotfix 5 | March 27, 2018 | PD27548 |
| DXL 4.0.0 Hotfix 4 | February 15, 2018 | PD27546 |
| DXL 4.0.0 Hotfix 3 | January 31, 2018 | PD27422 |
| DXL 4.0.0 Hotfix 2 | November 15, 2017 | PD27323 |
| DXL 4.0.0 Hotfix 1 | October 20, 2017 | PD27322 |
| DXL 4.0 (GA) | November 13, 2017 (Client) October 17, 2017 (Server) |
PD27304 |
n/a - not available
1 DXL 4.1.1 was pulled from the Product Downloads site on August 16, 2018. See reference 1228079 in the "Critical known issues" section for more details.
Issue resolutions in updates and major releases are cumulative; Technical Support recommends that you install the latest version. To find the most recent release for your product, visit the Product Downloads site at http://www.mcafee.com/us/downloads/downloads.aspx.
Contents
Click to expand the section you want to view:
| Reference Number | Related Article | Found In |
Fixed In |
Issue Description |
| 1270407 | - | 4.1.0 | DXL 4.1.2 Hotfix 3 | Issue: When deploying the DXL client on the SUSE Linux Enterprise Server from ePO, the install fails with an error. |
| 1266922 | 4.1.0 | 4.1.2 Hotfix 2 | Issue: During the ePO certificate migration process, IPE does not connect to the Broker after you restart the service. | |
| 1265827 | 4.1.0 | 4.1.2 Hotfix 2 | Issue: DXL Agent Wake-up fails when the request is sent to multiple systems. | |
| 1266219 | 4.1.0 | 4.1.2 Hotfix 2 | Issue: DXL client fails to install on MLOS and Mac systems. | |
| 1256921 | KB90963 | 4.1.1 | 4.1.2 | Issue: The following error is encountered when you try to remove the DXL Client Management extension:
An error has occurred while removing extension DXLClientMgmt
|
| 1257035 | - | 4.1.1 | 4.1.2 |
Issue: Unable to uninstall 4.1.1 DXLClient Extension because of a null pointer issue. Reported errors:
|
| 1255335 | - | 4.1.0 | 4.1.2 | Issue: Upgrades fail because of a sequence of updates in the Broker MLOS platform. Reported error:
"error: Failed dependencies:
Kernel >= 4.9.79-1 is needed by intel-ucode-20180807-2.mlos2.x86_64" |
| 1257375 | - | 4.1.0 | 4.1.2 5.0.0 |
Issue: DXL C++ client failed to pass all responses for a synch request to integrated applications on 64-bit Linux systems. Reported tieserver.log errors:
|
| 1255765 | - | 3.1.0 | 4.1.2 | Issue: Java client does not reconnect after a network interruption. |
| 1251073 | - | 4.1.0 |
4.1.1
Repost |
Issue: Performance issue when you access the ePO System Tree. Deadlock errors recorded in the server log. Resolution: Added a unique constraint to the index "IX_DXLClientCustomProps_ParentID" in the "DXLClientCustomPropsMT" table. |
| 1233789 | KB90586 | 3.1.0 | 4.1.1 Repost |
Issue: The DXL client for ePO timed out in large networks with many connection events. |
| 1238332 | - | 4.0 | 4.1.1 Repost |
Issue: Nessus scans of the broker appliance show that OpenSSH supports the use of weak DHE key sizes. NOTE: This issue was previously resolved by DXL 4.0 HF7 and DXL 4.1 HF1. |
| 1238334 | - | 4.0 | 4.1.1 Repost |
Issue: An upgrade of a DXL C++ client on a Mac system to DXL 4.1 (4.1.0.184.1) leads to all DXL files being deleted. These include certificates, configuration files, and logs. NOTE: This issue was previously resolved by DXL 4.0 HF7 and DXL 4.1 HF1. |
| 1238351 | - | 4.0 | 4.1.1 Repost |
Issue: When you install a C++ client on a system with a product that injects the DXL C++ client Installer MSI, the client fails to install if untrusted. NOTE: This issue was previously resolved by DXL 4.0 HF7 and DXL 4.1 HF1. |
| 1238353 | KB82851 | 4.0 | 4.1.1 Repost |
Issue: The DXL Linux MER script does not obtain all broker logs. The script only grabs: /var/McAfee/dxlbroker/logs/dxlbroker*.log when it must grab: /var/McAfee/dxlbroker/logs/dxlbroker.log* NOTE: This issue was previously resolved by DXL 4.0 HF7 and DXL 4.1 HF1. |
| 1238926 | - | 4.0 | 4.1.1 Repost |
Issue: ENS endpoints do not receive the reputation change event through DXL. NOTE: This issue was previously resolved by DXL 4.0 HF7 and DXL 4.1 HF1. |
| 1242564 | - | 4.0 | 4.1.1 Repost |
Issue: Some DXL clients stay in a not connected state after an upgrade to 4.0.x. These client systems do not have any pem files under the folder: programdata\mcafee\data_exchange_layer Logs state the following error: DxlMQTTConnection: error creating SSL context
DxlMQTTConnection: use private key failed NOTE: This issue was previously resolved by DXL 4.0 HF7 and DXL 4.1 HF1.
Workaround: Reinstall the DXL client. |
| 1242677 1247028 |
- | 4.1.0 Hotfix 1 |
4.1.1 Repost |
Issue: After you install DXL 4.1.0 with Hotfix 1 on a combined McAfee Active Response (MAR) and Threat Intelligence Exchange (TIE) appliance, the following error displays when you perform a DXL lookup:
The system cannot be looked up in DXL because it does not have a DXL Client installed.
|
| 1239573 | - | 4.1.0 | 4.1.1 Repost |
Issue: Repeated flushing of the System dxl_service.log during the boot cycle. |
| 1243477 | - | - | 4.1.1 Repost |
Issue: System crash on macOS Mojave 10.4 running in true 64-bit mode with the error: Crash details: Process: dxlsetupconfig [2927]
Path: /opt/McAfee/*/dxlsetupconfig Identifier: dxlsetupconfig Version: ??? Code Type: X86-64 (Native) Parent Process: ??? [2926] Responsible: dxlsetupconfig [2927] User ID: 0 Termination Reason: EXEC, [0xd] This binary requires 32-bit x86 support, which has been disabled with boot-arg: -no32exec. |
| 1246227 | - | 4.1.0 | 4.1.1 Repost |
Issue: DXL Client Management extension upgrade fails with error: "Cannot insert duplicate key in object 'dbo.DXLClientEpoPropsMT'. The duplicate key value is (986)." |
| 1228255 1228242 |
- | 4.0 | 4.1.0 | Issue: The DXL C++ client stops working, or crashes, after it is upgraded to version 4.0.0 on a Hyper-V host. Cause: This issue exists in VScore 15.7. Resolution: Upgrade to the DXL 4.1.0 client, which uses VScore 15.8. |
| - | - | - | 4.0 Hotfix 8 |
Issue: Support for Microsoft Windows 10 Version 1809 (October 2018 Update). |
| 1164239 | - | 3.1.0 | 4.0 | Issue: Certificate-based authentication does not work as expected in multi-ePO environments. Workaround: To use certificate-based authentication in a multi-ePO environment, you must import the third-party certificates in all ePO instances and repeat the certificate-based authorization restrictions on each ePO instance manually. |
| 1165882 1167807 |
- | 3.0.0 | MA 5.0.5 With DXL 3.1.0 and later |
Issue: MAR occasionally experiences client installation failures because the time required to disconnect from the DXL API causes a timeout. Cause: The DXL API takes too long to disconnect because the McAfee Agent message bus times out while it stops. Workaround: MAR 2.0 client installations work correctly as long as there are no outstanding MAR requests for data. If there are outstanding MAR data requests, try again when there are no outstanding MAR data requests and it succeeds. |
| 1156706 | - | 3.0.0 | 3.0.1 | Issue: When VirusScan Enterprise Common Maximum Protection is set to Block, DXL C++ Client installation fails. Explanation: The DXL Client is written in C++ and uses the VC++ redistributables. The DXL C++ Client Installer checks whether the VC++ packages are installed on the system and, if not, installs them. The VC++ Installer tries to create the AUTORUN Registry key to ensure it is restarted after a reboot. When Common Maximum Protection is set to Block, the Installer is blocked from installing the VC++ redistributables, and the DXL C++ Client installation fails. Workaround: When Common Maximum Protection is set to Block, you need to add the following two file names to the Exclusion List: MICROSOFTVISUALC++2012REDISTPACKAGEX86.EXE MICROSOFTVISUALC++2012REDISTPACKAGEX64.EXE |
| 1263569 | - | EPR | - | Issue: The Endpoint Product Removal (EPR) tool does not remove all versions of Data Exchange Layer. The EPR tool is a utility customers might use to uninstall all McAfee endpoint products. Because the tool might not fully remove all components and registry items related to a product, customers might experience install or upgrade issues after using the EPR tool. These issues are possible if references to their product or the components they use were not removed, for example, VSCore. |
| 1260610 | - | 5.0 | - | Issue: When you install DXL on macOS systems, the installer does not detect if a newer version of DXL is installed. The older version is installed even if there is a newer version present. This issue occurs on all versions of DXL that support macOS. |
| 1232934 | KB90521 | 4.1 | - | Issue: When you try to install a DXL Broker on an Oracle VM Server, the installation fails and the following error displays at the Installer Setup:
Loading Xen Virtualization modules...
modprobe: can't load module xen-acpi-processor (kernel/drivers/xen/xen-acpi-proc - ssor.ko): No such device modprobe can't load module xen-pciback (kernel/drivers/xen/xen-pciback/xen-pcib ck.ko): No such device Resolution: Engineering is investigating this emerging issue, and it will be resolved in a future product release or hotfix. To subscribe for updates to this issue, see the related article. |
| 1205832 | KB89839 | 4.0 | n/a | Issue: The DXL client installer for Microsoft Windows might fail if a policy is enforced during a DXL install or upgrade. Key error details found in the MSI log: Error 0xFFFFFFFF:
Process returned non-zero return code : (null) Key error details found in the VSCore log, ... - AAC is not installed. err=170
... - ERROR! Failed to create AAC Control. err=170 Cause: This issue occurs when a product tries to update the AAC policy, but AAC is disabled because of a VSCore upgrade. Resolution: To recover the system, press and hold the power button to force a hard restart. Correct behavior is the system restarts normally and continues to install DXL. See the related article for details. |
| 1236251 | KB90036 | 4.1 | n/a | Issue: The DXL platform.zip fails to check in to ePO. Cause: The platform.zip size has increased to 269 MB because the largest packages were added to address the Spectre and Meltdown CVEs. Resolution: Edit the \Server\conf\epo\epo.properties file, change the File.upload.limit size to 300. To make the change active, restart the ePO services. |
| 1189148 | KB89090 | 3.1.0 | n/a | Issue: Data Exchange Layer Brokers and Clients require equivalent or later Extension versions to function correctly. Resolution: Install or upgrade to the equivalent or later version of all DXL Extensions. See the related article for details. |
| - | - | DXL 3.0.1 Hotfix 2 And DXL 3.0.0 Hotfix 4 |
n/a | Issue: Uninstallation of DXL Windows client versions older than DXL 3.0.1 Hotfix 2 and DXL 3.0.0 Hotfix 4 fails in the following scenarios. The failure occurs when only the DXL client and McAfee Agent 5.0.5 are installed on the system:
Resolution: There are two ways to resolve this issue:
|
| 1143741 | - | 3.0.0 | n/a | Issue: When you use Internet Explorer 10, if you select an ePO locale different from the locale with which the operating system was installed, a date format issue occurs. The date format in some areas of the Data Exchange Layer Fabric page does not match the date format in other parts of ePO. For example, Last refresh date and DXL Broker, Health, Start Time.
|
| 1157983 | - | DXL 2.0.1 Hotfix 1 | n/a | Issue: DXL might fail to uninstall or upgrade if file scanning software is present. This issue can occur when you uninstall or upgrade from DXL versions later than or equal to DXL 2.0.1 Hotfix 1 and earlier than DXL 3.0.0. The MSI log contains the following error:
ResetVtpCacheSchedule: getting property: VTPINFOEXE
ResetVtpCacheSchedule: extracting binary stream: mfedxutil64.exe ResetVtpCacheSchedule: creating temp path: mfedxutil64.exe ResetVtpCacheSchedule: deleting file: C:\Windows\Temp\mfedxutil64.exe ResetVtpCacheSchedule: Error 0x80070020: failed to delete file: C:\Windows\Temp\mfedxutil64.exe : The process cannot access the file because it is being used by another process. CustomAction ResetVtpCacheSchedule returned actual error code 1603 (note this might not be 100% accurate if translation happened inside sandbox) Action ended 9:53:30: ResetVtpCacheSchedule. Return value 3. |
| 1107302 | KB86114 | 2.0.1 | n/a | Issue: DXL fails to install on Windows Server 2008. The DXL MSI log (C:\Windows\Temp\McAfeeLogs) contains the following error:
Failed to open access handle : A certificate chain could not be built to a trusted root authority. |
| 1082794 | - | 2.0.0 | n/a | Issue: The Clients Connected count on the DXL Fabric Visualization page shows the number of connected clients and the number of incoming bridges. |
| 1026559 | - | 2.0.0 | n/a | Issue: Bridges can be overlapped on the DXL Fabric Visualization page. |
| 1068538 | - | 1.1.0 | n/a | Issue: DXL Remote Management string "dxl.system.notifyAgent.cmd.success" or "dxl.system.requestAgent.cmd.success" appears in the Audit Log. Explanation: In ePO 5.3, when DXL is installed, ePO uses the Notify Agent Command or the Request Agent Command to contact an Agent to take several actions. This operation generates an Audit Log entry with an action of Notify Agents or Request Agents and the "success" message is: "dxl.system.notifyAgent.cmd.success" This message is just a string display error with the Notify Agent Command and Request Agent Command where the resource property key it uses for "success" messages is incorrect. |
| 1023923 | - | 1.0.1 | n/a | Issue: The DXL client, when deployed through ePO or installed manually, does not start after installation on 64-bit Linux client systems. Resolution: On the Linux client system, install the needed 32-bit libraries (for Red Hat-based distributions, use the command: yum install glibc.i686 libstdc++.i686) and then start the DXL Client service. NOTE: Debian-based distributions are not currently supported. |
| 1003419 | - | 1.0.1 | n/a |
Issue: When a user adds a system to a Tag used in the DXL Topic Authorization, the system does not appear in DXL until the Manager DXL Brokers server task runs. This action occurs once per day by default.
Workaround: To see the system in the Tags, manually run the server task Manager DXL Brokers. |
| 987172 | KB83123 | 1.0.1 | n/a |
Issue: When you install DXL, the DXL MMS service fails to start if Avecto Privilege Guard is installed.
Resolution: This issue occurs when Avecto Privilege Guard tries to "hook" McAfee processes by loading its own code (a DLL) into the McAfee process. See the related article for issue details and resolution options. |
| 973129 | 1.0.1 | n/a |
Issue: The following OpenSSL error message displays in the DXL log file:
[E] OpenSSL Error: error:140940E5:SSL routines:
SSL3_READ_BYTES:ssl handshake failure |
Back to top
Related Information
To see a list of articles about known issues in DXL 4.x, click here.
McAfee product software, upgrades, maintenance releases, and documentation are available from the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx.
NOTE: You need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site, and alternate locations for some products.
NOTE: You need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site, and alternate locations for some products.
