Bugtraq mailing list archives
syndrop / modified version
From: ted () sy net (Ted Hickman [Network Admin])
Date: Wed, 15 Apr 1998 16:36:51 -0400
Dear Sir or Madam, Forgive me for this is my first post. However at about 12:00 am this morning my machine crashed. Machine info: dual 233 mhz smp 256 megs of ram 2.0.33 + solar designer's patch I was curious as it had an 80 day uptime as to why it crashed. I found this in the syslog: Apr 15 00:44:02 shell kernel: Warning: kfree_skb passed an skb still on a list (from 03608164). Apr 15 00:44:02 shell kernel: general protection: 0000 Apr 15 00:44:02 shell kernel: CPU: 0 Apr 15 00:44:02 shell kernel: EIP: 0010:[kfree_skb+146/248] Apr 15 00:44:02 shell kernel: EFLAGS: 00010206 Apr 15 00:44:02 shell kernel: eax: 00000000 ebx: 40095c44 ecx: 00000030 edx: 00000001 Apr 15 00:44:02 shell kernel: esi: 03608164 edi: 00000000 ebp: 03608138 esp: 001d8738 Apr 15 00:44:02 shell kernel: ds: 0018 es: 0018 fs: 002b gs: 0018 ss: 0018 I thought that perhaps this was a DOS so I consulted #linux and found that 5 to 10 other people were experiencing similiar attacks. With the recent release of syndrop I figured it might be this DOS. I tried syndrop on myself only to find out that it gave the same error msg however no crash: Apr 15 08:48:22 shell-2 kernel: Warning: kfree_skb passed an skb still on a list (from 0059ff1c). Apr 15 08:48:23 shell-2 kernel: Warning: kfree_skb passed an skb still on a list (from 01000058). Apr 15 08:48:23 shell-2 kernel: Warning: kfree_skb passed an skb still on a list (from 0059fc28). Apr 15 08:48:23 shell-2 kernel: Warning: kfree_skb passed an skb still on a list (from 0059fe20). Apr 15 08:48:23 shell-2 kernel: Warning: kfree_skb passed an skb still on a list (from 0059ff1c). So I figure that this is a modified version of syndrop. If this has been reported could you direct me to the patch as my machine has crashed with the same symptoms about 3 times today. -- Theodore D. Hickman Jr. Director of Network Administration 1 (800) 957 0047 ted () sy net Syberspace Corporation http://www.sy.net 883 Cooper Landing Rd #244 Cherry Hill, NJ 08002
Current thread:
- Linux 2.0.33 vulnerability: fragment patterns, (continued)
- Linux 2.0.33 vulnerability: fragment patterns Alan Cox (Apr 16)
- Linux 2.0.33 vulnerability: oversized packets Michal Zalewski (Apr 17)
- Linux 2.0.34pre10: Summary of fixed vulnerabilities Alan Cox (Apr 20)
- Re: Linux 2.0.33 vulnerability: oversized packets Jon Lewis (Apr 20)
- Re: Linux 2.0.33 vulnerability: oversized packets Krzysztof G. Baranowski (Apr 21)
- code to crash cistron's radius Hamdi Tounsi (Apr 21)
- nestea v2. The program that DoS's 2.0.33s The Tree of Life (Apr 18)
- xdm problems Thomas Roessler (Apr 16)
- Re: xdm problems Matthieu Herrb (Apr 20)
- SECURITY: procps 1.2.7 fixes security hole Aleph One (Apr 20)