[cfarm-users] cfarm427 and cfarm430 crashing
Jacob Bachmeyer
jcb62281 at gmail.com
Thu Jun 19 04:08:01 CEST 2025
On 6/18/25 09:05, Luke Yasuda via cfarm-users wrote:
> Hi!
>
> I've noticed that cfarm427 and cfarm430 (both FreeBSD) have crashed
> (kernel panic) 2~3 times this month. Anyone has any idea why this happens?
I am less familiar with FreeBSD, but that *looks* like some kind of
rogue TCP/IPv6 packets are causing crashes in the network code.
It would be very interesting if you could catch the packets that are
causing this (you might need another box sniffing a mirrored switch port
with either an unconfigured NIC "raw" or a different (Linux?) kernel)
and identify what is going wrong. This *looks* like a remotely
exploitable DoS in FreeBSD. I hope it is happening by accident.
A search for 'FreeBSD tcp_do_segment "sent too much"' in search of
source code led to
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=282605 where it seems
that there have been similar bugs. I suggest opening a bug report at
FreeBSD. It also looks like FreeBSD has features that can include
recently-received packets in crash dumps, which solves the need for
another box to catch the network traffic.
-- Jacob
More information about the cfarm-users
mailing list