Irritating Cisco bug

Took me a long time to figure this one out... On a Cisco router, specifically Cisco 2900 running early versions of IOS 15.2, you may be completely baffled by access-lists on your interfaces failing to work! If you do a "debug ip access-list data-plane" you see the following error:

Sep 13 09:42:45: IPACL-DP: Pkt Matched against EPM list, Action: Deny
Sep 13 09:42:45: IPACL-DP: Pkt matched punt/drop it
Sep 13 09:42:45: IPACL-DP: Pkt is dropped in cef path: interface GigabitEthernet0/1 inbound direction

If this is the case for you, it's a bug in IOS. See here. Bug is number CSCtt19027. Cisco say:

ACL applied on serial or Gi interface drops all packets with permit any

Symptoms: When ACL is applied to the serial interface or Gigabit interface, ping failure seen even though the permit statement is there. Conditions: The symptom is observed when ACL is configured on the serial interface or Gigabit interface. Workaround: Enable EPM by installing the security license. Further Problem Description: This is seen with those images where EPM is not supported and because of that an EPM call always gives a return value as "deny" due to registry call.

Hope this helps someone, because when I searched, I couldn't get any hits for "Matched against EPM list" at all!