On 6/18/25 09:05, Luke Yasuda via cfarm-users wrote:
Hi!
I've noticed that cfarm427 and cfarm430 (both FreeBSD) have crashed
(kernel panic) 2~3 times this month. Anyone has any idea why this happens?
I am less familiar with FreeBSD, but that *looks* like some kind of
rogue TCP/IPv6 packets are causing crashes in the network code.
It would be very interesting if you could catch the packets that are
causing this (you might need another box sniffing a mirrored switch port
with either an unconfigured NIC "raw" or a different (Linux?) kernel)
and identify what is going wrong. This *looks* like a remotely
exploitable DoS in FreeBSD. I hope it is happening by accident.
A search for 'FreeBSD tcp_do_segment "sent too much"' in search of
source code led to
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=282605 where it seems
that there have been similar bugs. I suggest opening a bug report at
FreeBSD. It also looks like FreeBSD has features that can include
recently-received packets in crash dumps, which solves the need for
another box to catch the network traffic.
-- Jacob
_______________________________________________
cfarm-users mailing list
[email protected]
https://lists.tetaneutral.net/listinfo/cfarm-users
