Description of problem: We've found a replicable situation where pppd causes a kernel crash. First of all a bit of framework. We use pppd to provide remote support to some of our customers. Every customer has a personal account to connect to our server using PPP. The firewall on these accounts is configured so that we can connect back to their servers and check for problems, but the remote server has basicly no access at all to our network. Since few weeks one of these customers caught a virus or a dialer (it uses a windows based server) which tries to connect to our server using the RAS entry configured for remote support, probably thinking it is an Internet connection. The RAS entry has the password saved, so that the virus is able to authenticate against our server, even though it isn't able to do anything else because of the configured firewall. So far nothing wrong, by the way sometimes the virus is able to bring our server down because of a kernel crash. I haven't been able to save the kernel OOPS on screen but it clearly reported that the problem was caused by ppp. I have a log of the debug PPP session as saved by pppd (see attachemnt). We will further investigate to try to identify the virus or the dialer and may be catch the kernel OOPS. Version-Release number of selected component (if applicable): ppp 2.4.3-6.2.1, kernel-smp 2.6.17 1.2157_FC5 How reproducible: difficult to reproduce Steps to Reproduce: you need an infected windows pc, more info to be gathered Actual results: kernel crash Expected results: normal connection but no kernel crash and everything filtered out by the firewall Additional info: none
Assigning to kernel.
Some news. The problem happened again. In the meantime I upgraded the kernel to the latest fc5 one: Name : kernel-smp Version : 2.6.19 Release : 1.2288.2.4.fc5 This time I captured part of the kernel OOPS. Unfortunately I had to copy it manually from the screen and I couldn't copy it completely because I had to restart the server ASAP. I hope I've copied the relevant parts and I didn't some mistake while copying: EIP is at skb_under_panic+0x59/0x67 Process ksoftirqd/1 (pid 6, ti=c07a5000 task=dff210f0 task.ti=dff2a000) ... Call trace: [<e0bdd915>] ppp_receive_nommp_frame+0x537/x6a6 [ppp_generic] [<e0bbe4d8>] ppp_input+0xbc/0xeb [ppp_generic] [<e0bc5a68>] ppp_async_process+0x26/0x59 [ppp_async] [<c042b80b>] tasklet_action+0x55/0xaf [<c042b755>] __do_softirq+0x5a/0xbb [<c04063bd>] do_softirq+0x55/0xb5 ... EIP: [<c05bc5bb>] skb_under_panic+0x59/0x67 SS:ESP 0068::c07a5f54 <0> Kernel panic - not syncing: fatal exception in interrupt
This is a kernel problem, assigning to kernel.
latest FC5 kernel is 2.6.20-1.2300.fc5, released March 14th. Please test with that.
Upgraded to 2.6.20, waiting to see what happens. Side note: while upgrading I discovered another unrelated problem, see bug #233089
Patch is now available, will be in next update.
*** Bug 231853 has been marked as a duplicate of this bug. ***
Fedora apologizes that these issues have not been resolved yet. We're sorry it's taken so long for your bug to be properly triaged and acted on. We appreciate the time you took to report this issue and want to make sure no important bugs slip through the cracks. If you're currently running a version of Fedora Core between 1 and 6, please note that Fedora no longer maintains these releases. We strongly encourage you to upgrade to a current Fedora release. In order to refocus our efforts as a project we are flagging all of the open bugs for releases which are no longer maintained and closing them. http://fedoraproject.org/wiki/LifeCycle/EOL If this bug is still open against Fedora Core 1 through 6, thirty days from now, it will be closed 'WONTFIX'. If you can reporduce this bug in the latest Fedora version, please change to the respective version. If you are unable to do this, please add a comment to this bug requesting the change. Thanks for your help, and we apologize again that we haven't handled these issues to this point. The process we are following is outlined here: http://fedoraproject.org/wiki/BugZappers/F9CleanUp We will be following the process here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this doesn't happen again. And if you'd like to join the bug triage team to help make things better, check out http://fedoraproject.org/wiki/BugZappers
I didn't do further tests for this issue, nevertheless the problem never happened again. There have been various kernel upgrades since this bug, which makes me think that it has been fixed in newer kernels.
Thanks for the update.