lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4ACCC25A.200@i-neo.ro>
Date:	Wed, 07 Oct 2009 19:31:22 +0300
From:	Epure Daniel <daniel.epure@...eo.ro>
To:	linux-kernel@...r.kernel.org
Subject: BUG with iptables 1.4.4 IMQ and ipset patch

Hello,

I installed iptables ver. 1.4.4 with an IMQ and ipset patch on a server 
with linux kernel vers 2.6.29.6. The modified ebuild that apply the 
patch is attached. Also the kernel config is attached.I got the 
following error.
Version of ipset is 2.4.7 - net-firewall/ipset-2.4.7
Distro is gentoo running on a server dual Intel(R) Xeon(TM) CPU 2.80GHz



BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c05d1d28>] checkentry+0x8/0x90
*pde = 00000000
Oops: 0000 [#1] SMP
last sysfs file: /sys/class/net/eth1.20/type

Pid: 6994, comm: iptables Not tainted (2.6.29.6-core2-ineo10 #2) 
PowerEdge 2650
EIP: 0060:[<c05d1d28>] EFLAGS: 00010296 CPU: 0
EIP is at checkentry+0x8/0x90
EAX: f61e0e14 EBX: 00000000 ECX: c07ef9c0 EDX: c05d1d20
ESI: 00000020 EDI: 00000000 EBP: 00000000 ESP: f61e0d6c
 DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process iptables (pid: 6994, ti=f61e0000 task=f6b4dcb0 task.ti=f61e0000)
Stack:
 000200d2 00000000 f61e0e90 f61e0e14 c0589324 00000000 00000040 00000000
 c0588dd5 02002180 f8186f94 f8186f94 f8187004 f8186000 c05d0b2e 00000000
 00000002 00000044 00000000 f6161b40 f8187240 f818716e 0000000e f61e0e90
Call Trace:
 [<c0589324>] xt_check_match+0xd4/0x190
 [<c0588dd5>] xt_find_match+0xc5/0xd0
 [<c05d0b2e>] translate_table+0x3ee/0x750
 [<c05d1035>] do_ipt_set_ctl+0x1a5/0x400
 [<c0117ff4>] do_page_fault+0x294/0x6b0
 [<c02de104>] prio_tree_remove+0xa4/0xf0
 [<c0585bc6>] nf_sockopt+0xf6/0x110
 [<c0585c33>] nf_setsockopt+0x23/0x30
 [<c0599303>] ip_setsockopt+0x93/0xb0
 [<c0554ae3>] sock_common_setsockopt+0x23/0x30
 [<c055296d>] sys_setsockopt+0x5d/0xc0
 [<c055453a>] sys_socketcall+0xfa/0x290
 [<c0117d60>] do_page_fault+0x0/0x6b0
 [<c0103285>] sysenter_do_call+0x12/0x25
 [<c0630000>] piix_init_one+0x80/0x7d0
Code: 83 e3 04 0f b7 00 e8 a8 1b 00 00 85 c0 74 08 85 db 0f 94 c0 0f b6 
d8 85 db 5b 0f 95 c0 c3 90 8d 74 26 00 53 83 ec 0c 8b 5c 24 14 <0f> b7 
03 e8 30 40 00 00 66 40 74 15 8b 53 1c b8 01 00 00 00 85
EIP: [<c05d1d28>] checkentry+0x8/0x90 SS:ESP 0068:f61e0d6c
---[ end trace 5ffe0d7147e7154a ]---


Please keep my email address in cc.
-- 
Cu stima,
*Daniel Epure*
------------------------------------------------------------------------


*INEOSOFT SRL*
Focsani 5, Bucuresti

Tel: (+4) 0788.547.666

www.i-neo.ro <http://www.i-neo.ro>
www.i-neo.ro/ispm <http://www.i-neo.ro/ispm>




__________ NOD32 3106 (20080516) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com

View attachment "iptables-1.4.4.ebuild" of type "text/plain" (2076 bytes)

View attachment ".config" of type "text/plain" (47094 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ