Fw: kernel panic [linux 2.2.19-7] on UDP scan CP4.1-SP5

[Scott Walker Register <scott.register () us checkpoint com>]

Check Point is investigating this report, and will publish more information if warranted by further research.  We 
invite any future findings of this nature to be reported directly to us at security-alert () checkpoint com.

Scott W. Register
Product Manager
Check Point Software

------------------------
  From: Yanek Korff <yanek () cigital com>
  Subject: kernel panic [linux 2.2.19-7] on UDP scan CP4.1-SP5 
  Date: Wed, 14 Nov 2001 15:40:24 +0200 
  To: vuln-dev () securityfocus com


I'm testing out CP4.1 SP5 on Linux RH7.0.  I seem to have gotten everything
configured the way I want it and am starting to run some scans to see what I
can see.  Well, what I see is: nmap -sU -P0 ip_addr causes the machine to
instantly crash with a kernel panic, or in some cases, reboot.  I'm not
great at troubleshooting kernel/module troubles so any help would be greatly
appreciated.  IF you happen to have a Linux CP FW-1 box you could run nmap
against, I'd love to know your results (incl OS/kernel info).  Might want to
do this off-hours, though.

Without CP-FW1 running (/etc/rc.d/init.d/firewall1 stop), I cannot cause a
kernel panic with a UDP scan.  Has anyone else noticed this behavior?

Hardware:
Dell Dimension XPSB800r
128MB RAM
3Com EtherLink III 3c905-TX (three of them)

Have been able to reproduce this problem with kernels:
2.2.19-7 (CUSTOM)
2.2.16-20 (GENERIC  RH 7.0)

Tail end of the error message (after register & stack dump):
Code: 8b 41 08 3d 2b 2f c3 a5 0f 85 c6 00 00 00 8b 41 0c 85 c0 74
Aiee, killing interrupt handler
Kernel panic: Attempted to kill the idle task!
In swapper task - not syncing

-Yanek.


---------------End of Original Message-----------------