Apply software updates urgently to avoid SSD burnout, warns Aruba

Older software versions can cause premature eMMC and SSD degradation, the company admits

Network vendor Aruba is urging owners of 6300 and 6400 series switches to upgrade their AOS-CX operating system to implement significant improvements to memory usage and prolong the life of their devices.

According to the company, it has noticed that software older than version 10.04.3031 writes to the memory at an accelerated and unintended pace, causing premature eMMC or SSD degradation and reliability.

Like many other appliances, Aruba switches come with some eMMC or SSD that support a fixed number of write cycles and allow users to store "config files, databases, scripts, and so forth."

The company recommends users to upgrade their software immediately to avoid SSD burnout issues and to extend the life of their switches.

After the upgrade, the storage utilisation rate will meet or exceed the deployment lifetime of the switch, Aruba said.

According to The Register, the disk-damaging code in Aruba's software was first noticed last month.

On 29 October, the company announced that it has released a new version 10.05.0021 for AOS-CX 10.05 branch of the software.

The company claims that its AOS-CX is a new, modern, fully programmable OS built using a database-centric design that ensures higher availability and dynamic software process changes for reduced downtime.

Version 10.05.0001, which was released on 10^th October, is the initial build of major version 10.05 software.

The software update from Aruba comes less than two months after the firm patched a critical bug in Aruba ClearPass Policy Manager that exposed host systems to remote exploitation.

The bug, tracked as CVE-2020-7115, was discovered by security researcher Daniel "Dozer" Jensen, who said that the bug relates to how ClearPass handles certificate validation.

Aruba ClearPass Policy Manager acts a secure access gatekeeper for IoT, guest devices and bring-your-own-device on corporate networks.

The security flaw was addressed with the release of Aruba ClearPass Policy Manager version 6.9.1.

In addition to CVE-2020-7115, Aruba also released patches for CVE-2020-7117 and CVE-2020-7116 vulnerabilities that could allow attackers to compromise underlying operating systems.