Date: Mon, 24 Jan 2000 00:58:07 -0800 (PST)
From: Matthew Dillon
Message-Id: <200001240858.AAA85243@apollo.backplane.com>
To: Darren Reed
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: kernel panic's still due to mbuf problems.
References: <200001232329.KAA02494@cairo.anu.edu.au>

:Amongst all these `stream.c' emails, I noticed at least one which
:had a FreeBSD panic message saying there were no mbuf's free. I
:think it was for a 3.4 system. *That* is the bug which should be
:fixed.
:
:Darren

I noticed that one too, but the author's email (if we are talking about
the same one) also said that the attack went on for an hour before his
machine panicked, which leads me to believe that the TCP stack is not to
blame.

I've emailed the author some things to try. Specifically, it is possible
that the problem is related to the machine's route table eating all
available KVM from temporary routes created by the spoofed source
addresses. There are sysctl's available to limit that sort of damage.

It is also possible that we still have a leak somewhere.

-Matt
Matthew Dillon