New possible exploit for 2.0.33 (kfree_skb error)

From: Paul (xeroxat_private)
Date: Wed Apr 15 1998 - 10:53:47 PDT

Next message: Alan Cox: "Re: New possible exploit for 2.0.33 (kfree_skb error)"

Previous message: Ted Hickman [Network Admin]: "syndrop / modified version"
Next in thread: Alan Cox: "Re: New possible exploit for 2.0.33 (kfree_skb error)"
Reply: Alan Cox: "Re: New possible exploit for 2.0.33 (kfree_skb error)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have received this message on multiple machines in the past 3 days..
This could be the sign of a new exploit. I have also managed to find a few
others on IRC that have had the same exact error message. If anyone knows
what exactly causes it and how to fix it please let us know.   The
"syndrop" program generates the kfree error but it does not crash the box
(at least the one that I have tested)
Here is the error:

Apr 14 23:51:36 web1 kernel: Warning: kfree_skb passed an skb still on a
list (from 0286a554).
Apr 14 23:51:36 web1 kernel: general protection: 0000
Apr 14 23:51:36 web1 kernel: CPU:    0
Apr 14 23:51:36 web1 kernel: EIP:    0010:[kfree_skb+146/244]
Apr 14 23:51:36 web1 kernel: EFLAGS: 00010206
Apr 14 23:51:36 web1 kernel: eax: 00000000   ebx: 40095c44   ecx: 0019d9ec
edx: 07abe414
Apr 14 23:51:36 web1 kernel: esi: 0286a554   edi: 00000000   ebp: 0286a528
esp: 00198cc4
Apr 14 23:51:36 web1 kernel: ds: 0018   es: 0018   fs: 002b   gs: 0018
ss: 0018
Apr 14 23:51:36 web1 kernel: Process swapper (pid: 0, process nr: 0,
stackpage=00196e60)
Apr 14 23:51:36 web1 kernel: Stack: ffffffec 077a8958 0286a554 00142278
0286a554 00000000 077a8958 00000000
Apr 14 23:51:36 web1 kernel:        077a8958 03bd8e18 00000040 00000040
0286a528 0286a554 00142661 077a8958
Apr 14 23:51:36 web1 kernel:        0000002e 0000cb0c 0000cb3c 001b0008
00000000 03bd8e18 0000002c 00000014

-----------------------------------------------------------------------------

Next message: Alan Cox: "Re: New possible exploit for 2.0.33 (kfree_skb error)"
Previous message: Ted Hickman [Network Admin]: "syndrop / modified version"
Next in thread: Alan Cox: "Re: New possible exploit for 2.0.33 (kfree_skb error)"
Reply: Alan Cox: "Re: New possible exploit for 2.0.33 (kfree_skb error)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:49:23 PDT