Vulnerability
fpf module
Affected
fpf module
Description
"XR Agent" found following. Fpf kernel module by |CyRaX| alters
linux tcp/ip stack to emulate other OS'es against nmap/queso
fingerprints using parser by FuSyS that reads nmap-os-fingerprints
for os emulation choice.
However, attempts to send fragmented packets to local or remote
machine with nmap (-sS -f, -sN -f, -sX -f, -sF -f, -sA -f) or
hping (hping -f) using host with loaded fpf.o lead to kernel
panic ("Aiee, killing interrupt handle. Kernel panic: Attempted
to k ill the idle task ! In interrupt handler - not syncing.") if
run from console or force immediate reboot if the packet sending
tool is run from an xterm.
When fpf.o - running machine recieves nmap / hping fragmented
packets from remote hosts system freezes.
Tested on Slackware 7.1 kernel 2.2.16 (i386).
Solution
Nothing yet.
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
